Team Lead & Security Consultant

Role Summary

The Team Leader is responsible for leading a team of Security Consultants, managing team and professional development goals, ensuring on-time delivery of GRC projects, and providing expert

guidance to team members on GRC-related matters.

Mandatory Skill Sets/Expertise

• Relevant bachelors or masters degree in computer science/ IT Auditing/ Information Systems/Privacy
• Have a minimum of 4 - 6 years of experience in the domain of cybersecurity and privacy
• Experience in information security standards and best practices (ISO 27001, SOC 2, NIST, HIPAA, PCI DSS, HITRUST, etc.)
• Experience in performing assessments and audits
• Deep understanding of risk management principles and IT controls
• Certified in relevant and industry recognized certifications

Key Responsibilities

• Lead a team of security consultants and analysts whereby ensuring the deliverables are met
• Assessing cybersecurity risks and vulnerabilities and partnering with the security team to identify and analyze potential threats, evaluating their impact and likelihood of occurrence
• Developing and implementing GRC strategies to analyze industry regulations and standards relevant to cybersecurity, translating them into practical policies and procedures for our organization
• End to End Implementation of various standards, regulatory and compliance requirements such as SOC 2, HIPAA, HITRUST, NIST CSF, ISO 27001
• Conducting GRC audits and collaborating and performing regular evaluations of our security controls and compliance measures, identifying gaps, and recommending improvements
• Collaborating with strategic-integration and fostering strong relationships across various departments (IT, security, legal, compliance) to ensure seamless integration of GRC processes and cybersecurity initiatives
• Provide expert advice on GRC strategies, frameworks, and methodologies to clients
• Collaborate with internal and external auditors, providing necessary documentation and support for audits
• Ensure clients' adherence to relevant regulations, standards, and industry-specific compliance requirements
• Developing and delivering training programs to educate employees on cybersecurity best practices and compliance requirements, promoting a culture of security awareness
• Staying informed on emerging threats and regulations and continuously update your knowledge on the evolving cybersecurity landscape and adapt your strategies accordingly
• Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications
• Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordination resolution of roadblocks