Senior Security Consultant, Risk- Remote (Anywhere in the U.S.)

Minimum of 8 years of combined cybersecurity GRC experience. Minimum of 3 years’ experience consulting and delivering qualitative and quantitative risk assessments using industry-recognized methodologies. Ability to lead interviews with executive and technical stakeholders. Strong understanding and working knowledge of security frameworks and standards including NIST CSF, NIST CSF/RMF, ISO 31000, and others. Experience with GRC and Cyber Risk Management tools (e.g., SafeOne, OneTrust, LogicGate, ServiceNow GRC/IRM, AuditBoard). Demonstrated experience in assessing, developing, and implementing GRC and cybersecurity risk management programs. Strong understanding of all the functions within a security program. Strong communication skills, including articulating thoughts and distilling complex problems. Demonstrated experience in delivering written risk assessments reports. Self-driven; able to manage schedules, meet deadlines, and work independently. Excellent project management skills. GRC or management focused industry certifications such as CISSP, CISA, CISM, CRISC, FAIR Fundamentals, etc.

Deliver successful consulting engagements across multiple Risk offerings. Perform qualitative and quantitative risk assessments using industry-recognized frameworks. Provide advisory services to help mature cyber risk management and information security programs. Establish strong relationships and trust with customers. Work with other GuidePoint Security practices as part of a cohesive cross-functional team. Remain current on industry developments. Contribute to practice and offering development. Provide mentorship to other Risk consultants and team members.