Sr. IT Risk & Security Consultant

Where

Raleigh, NC

What you'll be doing

Maintain an information system-level IA program that identifies IA architecture, IA requirements, IA objectives and policies, IA personnel, and IA processes and procedures. Communicate and test the NIST 800-53 (Rev3 & Rev4) controls defined by contractual requirements, and identify control overlaps or gaps with HIPAA and other regulatory requirements. Ensure the development and maintenance of IA documentation according to established regulatory guidance by reviewing and endorsing such documentation and recommending action, including maintaining a repository for all IA certification documentation and modifications. Coordinate IA inspections, tests, and reviews, including internal and external issue tracking, investigating and reporting on potential incidents, and responding to all IA-related inquiries and alerts. Act as a primary IA technical advisor to the organization on projects and initiatives, including notifying the information owners of any contractual or regulatory control changes.

What your background should be

5-10 years of experience with testing and reviewing NIST 800-53 controls. One of the following certifications: CISSP, CISA, CISM, CGEIT, CRISC. Proven ability to assess risks and controls and identify opportunities for improvement, preferably leveraging the RSA Archer eGRC platform. ADP or equivalent certification preferred, or must be obtained within 6 months of employment. US citizenship is a requirement for certification.

Required Schooling / Training

Bachelor's degree in computer science, information systems.

Who is the client company

The company is concerned with insurance services.
If you are interested in this position, send your resume to apply@kochdavis.com