Summary: Echelon Risk + Cyber is seeking an exceptional GRC Consultant to defend human rights to security and privacy within their growing vCISO Practice, working on diverse client engagements and building internal processes. Highlights: 1. Defend basic human rights to security and privacy 2. Engage with cutting-edge technology and impactful work 3. Opportunity for continuous learning and professional development ***About us:*** At Echelon Risk \+ Cyber, we believe in defending basic human rights to security and privacy. We are looking for an exceptional **GRC Consultant** for our growing **vCISO Practice**. This individual will work on client engagements as well as on building processes to support Echelon Risk \+ Cyber's continued growth. Consultative client work will be performed with clients in a wide range of industries, sizes, and compositions. Our next team member will be ready to roll up their sleeves and identify opportunities for our clients and for Echelon internally with unquestioned integrity. This team member will be passionate about cybersecurity and ready to use their knowledge to be an Entrepreneurial Problem Solver and work alongside their Echelon team members to build creative solutions. At Echelon, we believe learning never stops. You will have the opportunity to engage with systems that are at the cutting edge of technology and team members that will challenge you with meaningful work. We allow our team members to build from the ground up and make an impact across the organization. ***What You Will Do:*** * Develop and maintain Cybersecurity policies and procedures * Review and assess security and technology controls against cybersecurity best practice and compliance frameworks * Conduct client discoveries and onboarding of services including performing client interviews, developing and executing discovery and assessment plans, generating and coordinating evidence requests and reviewing documentation and supporting evidence * Document results, create client reports and communicate results to client management and other stakeholders * Work collaboratively with our clients and other team members and to identify information security risks and challenges and provide actionable recommendation and solutions * Demonstrate consistency, versatility and adaptability while managing simultaneous client engagements and priorities and delivering quality results in a timely fashion * Work with the internal team to develop and plan engagement strategies, define objectives, identify and provide recommendations to address client risks * Create client\-facing presentations, reports, and analytics * Plan, coordinate and manage Cybersecurity and Compliance programs with strong project management and communication techniques (e.g., build security roadmaps, prioritize and track initiatives) * Assist leadership in the creation of proposals, budgets, work plans and other business development efforts * Establish exceptional internal and client relationships using strong communication skills * Produce thought leadership for the organization's website blog on a regular basis * Actively engage in the cybersecurity community by attending or speaking at local or national conferences ***Your knowledge, skills, and abilities:*** * 2\-3 years of related experience in the cybersecurity industry * Focus on Governance, Risk and Compliance planning, development and management * Knowledge of GRC Platforms/Tools to assist with Assessments and Compliance Management * Risk management experience, including performing assessments and audits, designing information security controls and processes, managing enterprise control frameworks, and evaluating and prioritizing risk * Experience with a variety of information security frameworks and best practices (e.g., CIS, NIST, PCI, CMMC, ISO, GLBA, FFIEC, SOX, SOC, HIPAA, HITRUST, etc.) * Degree in Information Systems, Computer Science, Information Security, or related discipline preferred Project Management experience * Preferred Certifications recommended: CISSP, CISA, CISM, or similar certification * Ability to manage and prioritize multiple projects simultaneously and adapt in a demanding and changing environment * Although this is not a technical oriented role, knowledge of Cloud systems, applications, security services/tools (e.g., EDR, MDR, SIEM, Vulnerability Scanning, Email Security, Backup/DR, MDM), Firewalls, Basic Networking, Data Security, IAM/SSO, etc., will be beneficial in an advisory capacity * Intellectual curiosity: seeking opportunities to develop and demonstrating a willingness to learn * Strong attention to detail and superior analytical, technical, and problem\-solving skills * Excellent verbal and written communication skills with experience crafting professional messages and adjusting communication style based on audience * Preferred experience working with financial services, healthcare, or regulated industries * **Authorized to work in Mexico** ***Why Echelon?*** We are committed to creating an inclusive environment for our team with unquestioned integrity. If you have a special need that requires accommodation, please let your recruiter know. One of our core values in "People with Personality" and we want to allow you the space to bring your full self to work. ***We currently offer the following benefits:*** * Access to private medical insurance through MetLife. * Life insurance policy via MetLife. * 30\-day Christmas bonus and a monthly technology stipend. * Contribution of 8% of the employee's salary to a savings fund. * Flexible vacation policy that allows you to manage your schedule and rest and recharge when you need to. * Family\-friendly benefits, including weeks off for maternity leave, weeks off for non\-birthing parent leave, and employer\-paid short\-term and long\-term disability. * Support for individual development through certifications, continued learning, conferences, and more. We value a diverse workforce and a culture of inclusivity and belonging. All employment decisions shall be made without regard to age, race, creed, color, religion, gender, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Echelon Risk \+ Cyber is an Equal Opportunity Employer.