Position Overview
Role & responsibilities
- Develop, review, and maintain cybersecurity policies, standards, procedures, and baselines aligned with NIST, ISO 27001, CIS, and regulatory requirements.
- Conduct enterprise and project-level cyber risk assessments, including risk identification, scoring, treatment, and tracking.
- Manage and maintain the cyber risk register, ensuring clear ownership, mitigation plans, and risk acceptance approvals.
- Support compliance programs for ISO 27001, NIST CSF, SOC 2, and applicable regulatory frameworks.
- Coordinate and support internal and external audits, including evidence collection, gap analysis, and remediation tracking.
- Perform third-party and vendor security risk assessments, including questionnaire reviews and risk rating.
- Define and track GRC-related KPIs and KRIs to measure security governance effectiveness.
Preferred candidate profile
Ready to Apply?
Join thousands of Americans building their careers
Apply Now