Cybersecurity GRC & Assurance Consultant

W2 Acceptable Cybersecurity GRC & Assurance Consultant Duration: 12 Months+ Fully Remote, prefer someone who can easily travel to Baltimore & Houston NIST Framework for Attestations • Deep understanding of the NIST Cybersecurity Framework (and NIST SP 800-53) in the context of attestation processes. The consultant should specialize in confirming existing cybersecurity measures against NIST standards through the configuration of an attestation tool, gathering control owner responses, and providing attestation reports that clearly outline compliance levels and necessary adjustments. Cyber / IT Governance, Risk, and Compliance (GRC) • Comprehensive expertise in Cyber and IT GRC practices, with a focus on implementing governance frameworks and ensuring compliance with industry standards. The consultant should facilitate the alignment of cybersecurity strategy with business goals and regulatory requirements through robust GRC processes. Cyber / IT Control Testing and Assurance • Specialized knowledge in designing and executing control testing methodologies. This includes evaluating the effectiveness of controls across different domains, providing assurance that they function as intended to protect the organization's assets and data. Risk Management and Mitigation Strategies • Identification and analysis of cybersecurity risks as part of a strategic approach to risk management. The consultant should be able to develop and recommend mitigation strategies that align with organizational risk tolerance and enhance overall security posture. Integration and Alignment in M&A Contexts • Expertise in managing the cybersecurity aspects of mergers and acquisitions, ensuring seamless integration of policies, processes, and controls. This includes aligning the security postures of merging organizations and identifying any risks posed by the acquisition. Compliance Reporting and Documentation • Specialized skills in preparing detailed compliance reports and documentation that satisfy both internal and external organizational requirements. This involves documenting control efficiencies, deficiencies, and corrections comprehensively, ensuring transparency and accountability in all aspects of the GRC process Apply tot his job