Job
Description
As a member of the Huron corporate team, you play a crucial role in shaping the evolution of our business model to proactively respond to market dynamics, industry shifts, and client demands. Collaborating closely with our accounting, finance, human resources, IT, legal, marketing, and facilities management professionals, you contribute to supporting Huron's collective strategies that drive real transformation and sustainable business outcomes. Joining Huron Consulting Group's Corporate Security and GRC team, you will be instrumental in overseeing and directing the global enterprise information security program. Working in collaboration with key stakeholders across various departments including IT, HR, Legal, Finance, Procurement, and Business Units like Consulting-Healthcare, Consulting-Education, and Digital, you will play a pivotal role in managing security efforts and Governance, Risk, and Compliance (GRC) initiatives across the organization. In the role of Information Security GRC (Senior Associate), you will work hand in hand with the Corporate Security GRC team to ensure Huron's compliance with certifications, regulations, and data governance best practices. Your responsibilities will include actively participating in cybersecurity and vulnerability management projects, ensuring adherence to information security frameworks and regulations such as ISO27001, ISO22301, EU-US Privacy Shield, HIPAA, Sarbanes Oxley, CMMC, and FedRAMP. The ideal candidate for this position should have 2-4 years of experience in governance, risk, and compliance disciplines, encompassing areas like data governance, information security, audit, or technical writing. A Bachelor's degree in Business/Management Information Systems, Computer Science, or a related field is required. Profound knowledge of data governance frameworks, methodologies, and best practices with a particular focus on Data Lake environments is essential. Moreover, hands-on experience with data privacy, data protection, and regulatory aspects of data governance is crucial. This includes expertise in creating and implementing a data rights framework, managing contractual requirements, and developing data governance strategies, architecture, practices, and technology implementation. Strong communication, documentation skills, multitasking abilities, organizational skills, and meeting deadlines are prerequisites for excelling in this role. Preferred qualifications include professional certification in Data Governance, Information Security, Risk Management, or Audit (or a willingness to obtain certifications) such as CDMP, DGSP, CISM, CRISC, CISSP, HCISPP, Security+, CISA, or Certified ISO 27001: 2022 Lead Auditor. Experience with GRC tools, particularly ServiceNow, databases like Oracle or SQL Server, proficiency in the Microsoft Office Suite, and the ability to remain calm under pressure while effectively managing tasks are highly valued skills in this role.,
