Match score not available

Cyber Risk and Compliance Consultant

Remote:

Full Remote

Contract:

Freelance

Salary:

135 - 145K yearly

Experience:

Senior (5-10 years)

Work from:

United States

Offer summary

Qualifications:

5+ years of experience in cybersecurity, Strong knowledge of compliance frameworks, CISSP, CISA, CISM, or equivalent certifications, Bachelor's degree in related field.

Key responsabilities:

Develop custom cybersecurity programs
Conduct risk assessments for clients

Ascend Technologies Scaleup https://teamascend.com/

201 - 500 Employees

See all jobs

Job description

Risk and Compliance Consultant

Reports To: VP, Cybersecurity Department: Cybersecurity
Location: Remote Exemption Status: Exempt

PURPOSE:
The role of the Risk and Compliance Consultant provides the expertise required to properly scope and deliver cybersecurity solutions and services to our clients. They work closely with our clients to deliver risk management services that align industry best practices and regulatory requirements. The Risk and Compliance Consultant will identify risks and compliance gaps and collaborate with clients to prioritize and execute cybersecurity initiatives.

RESPONSIBILITIES:

Develop custom cybersecurity programs and drive cybersecurity initiatives that support regulatory requirements, risk appetite, budget targets, and desired outcomes

Performs cybersecurity risk assessments to identify and document client risks in accordance with industry best practices and regulatory bodies to include CMMC,

DFARS, NIST 800-171, NIST CSF, HIPAA, FDIC, GLBA, ISO 27001/2, PCIDSS, and MITRE ATT&CK

Continually manages risk management plans, milestones, and quarterly objectives to track progress and anticipate/notify of potential issues

Collaborates with IT resources and key stakeholders from other business units to assess impacts to business processes, consider compensating controls, and effectively communicate risk remediation initiatives

Leads monthly, quarterly, and annual presentations of risk management initiatives among client technical resources, key stakeholders, and senior management

Leads cybersecurity engineering resources to deliver vulnerability management, endpoint protection, privilege and identity management, network security, etc.

Actively monitors evolving threats and compliance changes and communicates findings to both Ascend and client stakeholders

Conducts vendor risk assessments to identify technical, operational, and compliance risks and recommend risk reduction strategies

Works closely with Ascend’s cybersecurity team to report issues, develop process improvement strategies, and ensure service success

Writes and updates cybersecurity policies and procedures aligned with client requirements

Leads cybersecurity training, tabletop exercises, and marketing events

Other Responsibilities as assigned by management

MINIMUM SKILLS, EDUCATION AND EXPERIENCE

5+ Years experience in cybersecurity, and framework alignment (CMMC, DFARS, NIST 800-171, NIST CSF, HIPAA, FDIC, GLBA, ISO 27001/2, CIS, etc.)

5+ Years of strong working knowledge of system, application, network, cloud, and data security best practices

One or more of the following certifications: CISSP, CISA, CISM, CRISC, GLSC, GSTRT, or equivalent

Proven success managing business risk, conducting vendor risk assessments, and executing cybersecurity controls

Working knowledge of Microsoft 365, Azure Active Directory/Active Directory, Security Awareness strategies, and Vulnerability Management practices

Excellent analytic, problem-solving, active-listening and decision-making skills

Excellent presentation, writing, interpersonal and communication skills

Comfortable engaging at executive levels to influence and provide strategic insight

Experience and/or strong desire to work in a fast-paced environment with evolving conditions

PREFERRED SKILLS, EDUCATION OR EXPERIENCE

5+ Years experience in Incident Response and Digital Forensics

Industry Specialized Certifications for PCI DSS, HITRUST, etc.

Working knowledge of PowerShell, Threat Hunting Techniques, SIEM, SOC, EDR Platforms, Privilege and Identity Management Platforms

Bachelor’s degree in computer science, management information systems, information Technology, engineering, mathematics, or a related field

At Ascend Technologies we firmly believe that diversity, equity, and inclusion are not only fundamental values but also powerful drivers of innovation, growth, and success. We are committed to fostering an environment where every individual feels valued, respected, and empowered.

CORE VALUES
We are seeking highly motivated individuals who have the willingness and ability to demonstrate Ascend core values:

Committed to Client Success: Our actions and our words always align with the best interest of the client.
One Team: We work collaboratively to overcome challenges with humility and respect and do what it takes to find innovative solutions.
Integrity: We are unquestionably committed to doing the right thing even when it is hard.
Accountability: We hold ourselves and each other accountable for keeping our commitments to our clients, our communities, and one another.
Transparency: We create open lines of communication with each other and our clients, fostering relationships founded on candor and trust.