Sr. IT Security Compliance Consultant
Contract Type: Contract
Posted Date: November 25, 2024
ECCO Select is a talent acquisition and consulting company specializing in people, process and technology solutions. We provide the talent behind the technology enabling our clients to achieve their goals. For more information about ECCO Select, visit us at www.eccoselect.com.
Position Title: Sr. IT Security Compliance Consultant
Location Information: Remote (DFW, EST or CST preferred)
Position Responsibilities:
– Engage with IT security engineers, overseeing daily operations including anti-virus protection, vulnerability management, and logging/monitoring activities.
– Develop, implement, and maintain IT security policies, standards, and procedures.
– Manage the deployment and operation of security technologies.
– Oversee vulnerability management programs, including identifying vulnerabilities, developing remediation plans, and tracking issue resolution.
– Drive initiatives to enhance security to protect from malicious content.
– Oversee compliance with regulatory requirements, frameworks, and industry standards, including PCI DSS, NIST, and ISO 27001.
– Facilitate PCI, SOC, and other assessments, manage remediation efforts, and ensure ongoing compliance.
– Maintain a robust Governance, Risk, and Compliance (GRC) framework to align security strategies with organizational objectives.
– Perform risk assessments to identify, analyze, and prioritize IT security risks, creating mitigation plans to reduce exposure.
– Manage and coordinate audits, including external and internal audits, and ensure findings are addressed effectively and promptly.
– Monitor and report on key security metrics, providing visibility into risk levels and compliance status for senior leadership.
– Collaborate with business units to embed risk management practices into decision-making processes.
– Collaborate with cross-functional teams to support annual audits, risk assessments, and compliance activities.
– Identify and mitigate IT security risks, ensuring robust risk management processes are in place.
– Assist in response to client’s security questionnaires.
Essential Skills & Experience:
– 7+ years of experience in IT security operations, governance, risk, and compliance.
– Deep knowledge of PCI, SOC, GDPR, CCPA compliance requirements, audit management, and remediation processes.
– Extensive experience with GRC tools, platforms, and methodologies, ensuring effective integration into IT workflows.
– Proficiency with security tools and technologies such as SIEM, FIM, IPS, web proxies, and email gateways.
– Strong understanding of cybersecurity frameworks, best practices, and regulatory requirements (e.g., NIST, ISO 27001).
– Demonstrated ability to lead risk management initiatives and build risk-aware organizational culture.
– Certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
– Strong interpersonal and communication skills, with the ability to collaborate effectively across teams and influence stakeholders.
Preferred Skills:
– Experience with cloud security and modern infrastructure platforms.
– Proven ability to manage and resolve security incidents effectively.
– Strategic thinker with the ability to balance security objectives with business needs.
ECCO Select is committed to hiring and retaining a diverse workforce. Our policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category. Veterans of our United States Uniformed Services are specifically encouraged to apply for ECCO Select opportunities.
Equal Employment Opportunity is The Law
This Organization Participates in E-Verify