Jobs via Dice

Senior IT GRC Consultant

Jobs via Dice, Jackson, Mississippi, United States, 39200

We are seeking an experienced Senior IT Governance, Risk, and Compliance (GRC) Consultant to lead and support enterprise‑wide risk management, compliance, and governance initiatives. The ideal candidate will have strong expertise in IT controls, regulatory frameworks, and risk assessments, and will partner closely with business, security, audit, and technology teams to ensure compliance with industry standards and regulatory requirements.

Key Responsibilities

Lead IT GRC initiatives including risk assessments, control design, implementation, and monitoring.

Develop, maintain, and enhance IT policies, standards, procedures, and governance frameworks.

Assess and manage technology risks related to infrastructure, applications, cloud, data, and third‑party vendors.

Ensure compliance with regulatory and industry frameworks such as SOX, ISO 27001, NIST, COBIT, PCI‑DSS, HIPAA, and GDPR (as applicable).

Support internal and external audits by preparing documentation, evidence, and remediation plans.

Perform gap assessments and maturity evaluations of security and IT control environments.

Advise stakeholders on risk mitigation strategies and control improvements.

Oversee third‑party risk management and vendor security assessments.

Track and report on risk issues, remediation efforts, and compliance status to leadership.

Collaborate with cybersecurity, IT operations, legal, and business teams to align risk management with business objectives.

Mentor junior GRC team members and provide subject‑matter expertise.

Required Qualifications

Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.

8+ years of experience in IT Governance, Risk, and Compliance or information security.

Strong knowledge of IT controls, risk management methodologies, and compliance requirements.

Hands‑on experience with GRC tools (e.g., Archer, ServiceNow GRC, OneTrust, LogicGate, or similar).

Experience supporting audits, compliance assessments, and regulatory examinations.

Excellent analytical, documentation, and communication skills.

Preferred Qualifications

Professional certifications such as CISA, CRISC, CISSP, CGEIT, ISO 27001 Lead Implementer/Auditor, or PMP.

Experience in cloud risk and compliance (AWS, Azure, Google Cloud Platform).

Knowledge of data privacy and third‑party risk management programs.

Prior consulting experience in large enterprise or regulated environments.

Key Skills

IT Risk Management

Regulatory Compliance

Policy and Control Development

Audit and Assurance

Stakeholder Management

Technical Documentation

GRC Tools and Reporting

Seniority level: Mid‑Senior level

Employment type: Full‑time

Job function: Information Technology

Industries: Software Development

Location: Jackson, MS
