Governance, Risk & Compliance Consultant

Job description

Avertium is a cyber fusion and MXDR leader, delivering comprehensive security and compliance services to mid-market and enterprise customers. Our unique “Assess, Design, Protect” methodology addresses and improves security strategy, reduces attack surface risk, strengthens compliance, and provides continuous threat protection. Avertium maximizes customer security investments and enables customers to focus on growth, innovation, and business outcomes, while assuring that their security infrastructure is resilient and adaptive to evolving threats. That’s why customers trust Avertium to deliver better security, improved compliance, and greater ROI.

The successful candidate will have 5+years of experience in cybersecurity.  Specifically in the areas of security framework control implementation, compliance, risk analysis/management, threat modeling, and/or security engineering/architecture.

The successful candidate will be cybersecurity focused with an emphasis on compliance controls related to HITRUST, HIPAA, PCI, SOX, ISO, and NIST standards.  The ability to conduct in-depth security compliance assessments with business and technology partners. Must be able to evaluate the design and/or implementation of security controls in place in order to communicate risks to both technical and non-technical personnel, make recommendations on remediation/mitigation, and design multi-faceted solutions.

The successful candidate will be self-disciplined and able to work on individual tasks, sometimes without clear requirements, and to work well in a team environment. The ideal candidate will have experience in the following areas:

Qualifications for Success:

• Bachelor’s Degree or higher in an information technology field and/or 5+ years in the cybersecurity or compliance industries.
• 3+ years performing security risk assessments.
• 5+ years of experience with NIST frameworks.
• 5+ years of experience with one or more of the following regulatory frameworks, FedRAMP, HIPAA, PCI, ISO (²⁷⁰⁰¹⁄₂).
• Familiarity or Working Knowledge of CMMC, HITRUST, SOC.
• Demonstrated proficiency with Microsoft Productivity Tools.
• CISSP, CISA, CISM, Security+, Microsoft and/or other recognized industry certifications.
• Demonstrated ability to manage and/or conduct multiple projects simultaneously.

In addition to a career in the challenging world of cyber security, Avertium offers competitive salaries, full benefits, unlimited paid time off, participation in 401(k), and opportunities for professional growth and development. We offer the opportunity to work with cutting-edge security technologies in a stimulating work environment.

Avertium provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.