Governance Risk & Compliance Consultant

Avertium is the managed security and consulting provider that companies turn to when they want more than check-the-box cybersecurity. In today’s threat landscape, your not-so-standard processes, workflows, and vulnerabilities require more than just a standard approach to cybersecurity. You need a smarter, stronger approach based on more rigor, more relevance, and more responsiveness. That is why more than 1,200 organizations in every sector from manufacturing to financial services, healthcare to technology and business services to hospitality rely on Avertium for cybersecurity services.

The successful candidate will have 5+years of experience in cybersecurity. Specifically in the areas of security framework control implementation, compliance, risk analysis/management, threat modeling, and/or security engineering/architecture.

The successful candidate will be cybersecurity focused with an emphasis on compliance controls related to HIPAA, PCI, SOX, ISO, and NIST standards. The ability to conduct in-depth security compliance assessments with business and technology partners. Must be able to evaluate the design and/or implementation of security controls in place in order to communicate risks to both technical and non-technical personnel, make recommendations on remediation/mitigation, and design multi-faceted solutions.

The successful candidate will be self-disciplined and able to work on individual tasks, sometimes without clear requirements, and to work well in a team environment. The ideal candidate will have experience in the following areas:

Qualifications for Success:

• Bachelor's Degree or higher in an information technology field and/or 5+ years in the cybersecurity or compliance industries.
• 3+ years performing security risk assessments.
• 5+ years of experience with NIST frameworks.
• 5+ years of experience with one or more of the following regulatory frameworks, FedRAMP, HIPAA, PCI, ISO (27001/2).
• Familiarity or Working Knowledge of CMMC, HITRUST, SOC.
• Demonstrated proficiency with Microsoft Productivity Tools.
• CISSP, CISA, CISM, Security+, Microsoft and/or other recognized industry certifications.
• Demonstrated ability to manage and/or conduct multiple projects simultaneously.