- Provide expert guidance and support to clients in developing and implementing IT governance frameworks, policies, and procedures.
- Conduct comprehensive risk assessments to identify potential vulnerabilities and gaps in IT systems, processes, and controls.
- Collaborate with clients to develop risk mitigation strategies and action plans, ensuring alignment with industry best practices and regulatory requirements.
- Assist in the design and implementation of effective IT controls and monitoring mechanisms to ensure compliance with internal policies and external regulations.
- Conduct periodic audits and assessments of IT infrastructure, systems, and processes to evaluate compliance levels and identify areas for improvement.
- Stay abreast of emerging industry trends, regulatory changes, and security threats to proactively assess their impact on clients' IT GRC programs.
- Provide recommendations for remediation and improvement based on risk assessment findings and best practices.
- Conducted training and awareness sessions for clients' employees to enhance understanding and adherence to IT governance and compliance requirements.
- Collaborated with cross-functional teams, including IT, legal, and compliance departments, to ensure effective integration of IT GRC initiatives.
- Maintained accurate documentation, including risk assessment reports, control frameworks, policies, and procedures.
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Minimum of 6 years of experience in IT GRC consulting or a similar role.
- Experience working for a transformation or technology consulting firm.
- Deep understanding of IT governance frameworks such as COBIT, ISO 27001, NIST Cybersecurity Framework, and other relevant standards.
- Strong knowledge of risk assessment methodologies and tools, including vulnerability scanning, penetration testing, and threat modeling.
- Familiarity with regulatory compliance requirements, such as GDPR, HIPAA, PCI DSS, or SOX.
- Experience in conducting IT audits, control assessments, and developing remediation plans.
- Excellent analytical and problem-solving skills, with the ability to identify and address risks effectively.
- Strong communication and interpersonal skills to effectively interact with clients and stakeholders at all levels.
- Ability to work independently and as part of a team, managing multiple projects simultaneously and meeting deadlines.
- Professional certifications such as CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), CISSP (Certified Information Systems Security Professional), or equivalent ISACA certifications are highly desirable.
- Experience supporting financial services or insurance organizations is highly desired.
Manager, IT GRC - Ashburn, United States - Infinitive
Description
*Candidates must be local to the Washington D.C. metro area.
About Infinitive:
Infinitive is a Data and AI consultancy that enables global brands to deliver results through insights, innovation, and efficiency. We possess deep industry and technology expertise to drive and sustain adoption of new capabilities. We match our people and personalities to our clients' culture while bringing the right mix of talent and skills to enable high return on investment.
Infinitive has been named "Best Small Firms to Work For" by Consultancy Magazine 6 times. Infinitive has also been named a Washington Post "Top Workplace", Washington Business Journal "Best Places to Work" and Virginia Business "Best Places to Work."
About this Role:
Infinitive is looking for candidates who are accountable, passionate, assertive, proactive, open & honest, results oriented, and adaptable. We are seeking an experienced IT GRC (Governance, Risk, and Compliance) Manager to join our dynamic team. As an IT GRC Manager, you will play a critical role in assisting our clients in managing and mitigating information technology-related risks and ensuring compliance with relevant regulations and industry standards.
We are currently looking for an IT GRC Manager who will:
Additionally, the ideal candidate has:
Required Qualifications:
Desired Qualifications:
Applicants for employment in the U.S. must possess work authorization which does not require sponsorship by the employer for a visa.
Infinitive is an Equal Opportunity Employer.