Address
Form of work
SalaryJob Summary:
This role will report to the Manager of Technical Services Delivery – Governance, Risk and Compliance (GRC) within the Stratascale department.
Stratascale is seeking a Sr. Security Consultant – Third Party Risk Management Programs, Strategy & Risk with experience evaluating regulations and requirements, business processes, identifying needs, and developing strategies to maximize cybersecurity improvements. The candidate would be responsible for working with clients to understand their various risk and compliance processes and to aid in the design, configuration, and testing of technologies to meet those needs.
This role will report to the Manager of Technical Services Delivery – Governance, Risk and Compliance (GRC) within the Stratascale department.
This position is remote with a Home Office setup as determined by Stratascale management.
About Us: Stratascale, an SHI company, brings together the benefits of 31 years' experience delivering the very best technologies with a fresh consultative approach to designing, delivering and supporting the technology our customers need to transform their business. We call it Digital Agility.
To learn more about Stratascale visit our website: https://stratascale.com/
Responsibilities: Includes, but not limited to:
- Responsible for leading, developing and facilitating vendor due-diligence processes and help define overall third-party risk management Cybersecurity efforts
- Design assessment third party risk workflows based on customer organizational structure and business requirements
- Configure and manage workflows, risk registers, exceptions management processes, reports, and notification withing Governance, Risk, and Compliance (GRC) platforms
- Educate customers and mentor fellow team members on GRC and IRM best practices
- Own the tracking and reporting of organizational risk and compliance metrics to customers
- Assess, document, and report on the compliance and risk posture of information assets for Stratascale and its customers
- Lead internal and external audit processes for relevant compliance
- Design and partner with various business units to ensure controls are adequate, appropriate, and effective
- Design definitions of security standards and development of organizational policies and procedures
- Develop customer information security compliance programs, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations
- Develop strategies to address awareness and training for all stakeholders as well as technical solutions
- Stay informed on current and emerging regulatory and compliance trends and initiatives
- Minimum 10+ years client-facing experience working in complex, demanding environments
- Bachelor’s degree or equivalent combination of education and experience
- Experience leading, developing, and facilitating compliance and validation activities for third party risk management
- Experience with IT governance, risk, and compliance management in a complex global environment
- Familiarity with security frameworks
- Team player with strong work ethic with attention to detail
- Excellent written, verbal, and consultative skills (e.g., professionalism, collaboration, negotiation, conflict resolution, quick learner, etc.)
- Good Interpersonal skills that demonstrate the ability to communicate with both technical and non-technical personnel in cross-functional teams to influence decision making
- Strong process and data analysis skills with the ability to communicate systems concepts in a meaningful business context
- Proficiency with Microsoft Office Suite (e.g., Word, Excel, PowerPoint, Visio)
- Willingness to obtain Industry certifications (e.g., CTPRP, CISSP, CISM, CRISC, CIPP, CISA)
- Experience with one or more of the following: TruOps, Prevalent, ServiceNow GRC, Microsoft Compliance Manager and Microsoft Purview, and/or other relevant GRC, Privacy, and/or Third Party Risk Management technologies
- Experience with IT governance, risk, and compliance management in a complex global environment
- Familiarity with third party risk management processes and frameworks
- Strong understanding of fundamental information security concepts and technology
- Ability to develop security standards and guidelines based on best practices and industry standards
- Experience in a Security Consultant role with responsibility for facilitating meetings to define / compile business requirements and developing functional / technical documentation, in a client environment
- Experience working on systems implementation projects with COTS / 3rd party software, including configuration and testing activities
- Experience with Big 4 consulting firms, or other global system integrators a plus
- Attend virtual customer meetings when appropriate
- Travel to customer sites, partner sites, conferences, and Stratascale offices up to 20% annually
- The estimated annual pay range for this position is $165,000 - $240,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.
- Equal Employment Opportunity – M/F/Disability/Protected Veteran Status
