Previous Job
Previous
GRC Consultant
Ref No.: 17-28188
Location: Dimondale, Michigan
Advanced knowledge of security standards and experience performing security audits. Experience in Governance Risk and Compliance (GRC).

Years of Experience:
10 or more years with IT security and audit experience with extensive knowledge of national/international security standards including NIST, PCI, CJIS, CMS, ISO, SOX, HIPAA, HITECH and other regulatory requirements .

Job Description:
Advanced knowledge of security standards and progressive experience performing security audits.

1. Assist the Risk and Compliance Director with risk assessment process re-engineering within the LockPath GRC tool
2. Assist in establishing efficient processes for Risk Assessment processes within the GRC tool as part of LockPath Reengineering Project(s).
3. Perform gap analysis of security requirements implemented within the LockPath GRC tool and risk assessment process according to security statute, regulation, standards and SOM policies
4. Cross-map HIPAA, IRS, CMS, PCI and CJIS security requirements to NIST and State of Michigan Baseline controls
5. Document LockPath process design including business and security requirements
6. Identify and design reports within the LockPath GRC tool and assist the Risk and Compliance Director to establish monitoring program
7. Assist with establishing Cyber Security Framework for the State of Michigan.
8. Other cyber security related tasks as assigned
9. Assist with MICWRAP Risk Assessment volume of work for agencies.
Skill
Required / Desired
Amount
of Experience
Information Technology Experience
Required
10
Years
IT Security and/or Audit Experience
Required
10
Years
PCI, NIST, FISMA, HIPPA, CJIS, or related experience
Required
5
Years
Experience working in large, complex business and/or IT environments
Required
10
Years
Bachelors or Masters Degree in Computer Science, MIS, Business, Accounting, or Engineering (or related)
Required
4
Years
Technical skills: knowledge and experience in IT security statutes, regulations, and standards, experience in GRC tool(s).
Required
5
Years
CISSP/CISM certification