Job SummaryStratascale is seeking a Sr. Security Consultant – Regulatory Management Programs, Strategy & Risk with experience evaluating regulations and requirements, business processes, identifying needs, and developing strategies to maximize cybersecurity improvements. The candidate would be responsible for working with clients to understand their various risk and compliance processes and to aid in the design, configuration, and testing of technologies to meet those needs.This role will report to the Manager of Technical Services Delivery – Governance, Risk and Compliance (GRC) within the Stratascale department.This position is remote with a Home Office setup as determined by Stratascale management. About UsStratascale, an SHI company, brings together the benefits of 31 years' experience delivering the very best technologies with a fresh consultative approach to designing, delivering and supporting the technology our customers need to transform their business. We call it Digital Agility.To learn more about Stratascale visit our website: https://stratascale.com/ResponsibilitiesIncludes, but not limited to:
Responsible for leading, developing, and facilitating compliance and validation activities for current and future cyber regulations, specifically regulations for insurance companies (e.g., NYDFS)
Lead regulatory reporting capabilities and organizational workstreams and requirements
Design operational risk workflows and reports based on customer organizational structure and business requirements
Configure and manage workflows, risk registers, exceptions management processes, reports, and notification withing Governance, Risk, and Compliance (GRC) platforms
Educate customers and mentor fellow team members on GRC and IRM best practices
Own the tracking and reporting of organizational risk and compliance metrics to customers
Assess, document, and report on the compliance and risk posture of information assets for Stratascale and its customers
Lead internal and external audit processes for relevant compliance
Design and partner with various business units to ensure controls are adequate, appropriate, and effective
Design definitions of security standards and development of organizational policies and procedures
Develop customer information security compliance programs, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations
Develop strategies to address awareness and training for all stakeholders as well as technical solutions
Stay informed on current and emerging regulatory and compliance trends and initiatives
Qualifications
Minimum 10+ years client-facing experience working in complex, demanding environments
Bachelor’s degree or equivalent combination of education and experience
Experience leading, developing, and facilitating compliance and validation activities for current and future cyber regulations, specifically regulations for insurance companies (e.g., NYDFS).
Experience with IT governance, risk, and compliance management in a complex global environment
Familiarity with security frameworks
Team player with strong work ethic with attention to detail
Excellent written, verbal, and consultative skills (e.g., professionalism, collaboration, negotiation, conflict resolution, quick learner, etc.)
Good Interpersonal skills that demonstrate the ability to communicate with both technical and non-technical personnel in cross-functional teams to influence decision making
Strong process and data analysis skills with the ability to communicate systems concepts in a meaningful business context
Proficiency with Microsoft Office Suite (e.g., Word, Excel, PowerPoint, Visio)
Willingness to obtain Industry certifications (e.g., CTPRP, CISSP, CISM, CRISC, CIPP, CISA)
Experience with one or more of the following: TruOps, Prevalent, ServiceNow GRC, Microsoft Compliance Manager and Microsoft Purview, and/or other relevant GRC, Privacy, and/or Third Party Risk Management technologies
Required Skills
Experience with IT governance, risk, and compliance management in a complex global environment
Familiarity with regulatory risk management processes and regulatory frameworks (e.g.,NYDFS)
Strong understanding of fundamental information security concepts and technology
Ability to develop security standards and guidelines based on best practices and industry standards
Experience in a Security Consultant role with responsibility for facilitating meetings to define / compile business requirements and developing functional / technical documentation, in a client environment
Experience working on systems implementation projects with COTS / 3rd party software, including configuration and testing activities
Experience with Big 4 consulting firms, or other global system integrators a plus
Unique Requirements
Attend virtual customer meetings when appropriate
Travel to customer sites, partner sites, conferences, and Stratascale offices up to 20% annually
Additional Information
The estimated annual pay range for this position is $165,000 - $240,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.
Equal Employment Opportunity – M/F/Disability/Protected Veteran Status
Job Wrapping 1#LI-RemoteRefer a friend to this job (https://careers-shi.icims.com/jobs/16618/stratascale-sr.-security-consultant-regulatory-programs%2c-strategy-%26-risk/job?mode=apply&apply=yes&iniframe=1&hashed=-336032949)Need help finding the right job?We can recommend jobs specifically for you!Job Locations US-RemoteRequisition ID 2024-16618Approved Min (Total Target Comp) USD $165,000.00/Yr.Approved Max (Total Target Comp) USD $240,000.00/Yr.Compensation Structure Base Plus BonusCategory Technical Presales/Post Sales
