DC Area Information Risk, Security and Compliance Consultants

Reston, VA
Mar 20, 2017
Jobs Outside Higher Education
Software & Technology
Institution Type
Outside Academe

Job Description

POSITION SUMMARY - A significant amount of this work may be performed remotely

The role provides knowledge leadership as a member of the team working on a complex set of iGRC projects, including:

1.) Service design & implementation based on ITIL standards (service definition, design, transition and operations) for Business Interface services, Architecture services, IAM services, and Governance & Controls services

2.) Refresh of the organizational information security controls framework based on NIST and creation of revised policies and standards plus implementation planning and

3.) Refresh of the existing RCM (Risk & Controls matrix), operating model, and development of new narratives, process & RACI diagrams, desktop procedures, playbooks, testing and quality programs for implementation

4.) Planning and performance of tabletop exercises for the Information Security Organization

5.) Development and definition of the third-party (3rd party) Information Security program

This individual will provide expert knowledge to other team members regarding control frameworks, standards and best practices, will have effective research techniques to interpret the intent and security rationale for controls, and will provide appropriate justifications for variance from baseline standards. This individual will also be highly motivated with the ability to drive continuous improvement throughout the existing Controls Management functions.


• Responsible for high-quality, timely service delivery, responsive customer support, and service-oriented customer communications

• Provide expert knowledge regarding information security regulations, requirements and best practices, the control framework structure, all information security controls, the security rationale for each, and the state of ongoing compliance

• Actively collaborate with other teams throughout Information Security and IT, and with control owners and stakeholders

• Drive the transition to the new control framework throughout the organization

• Plan and monitor tasks and schedules

• Develop and maintain information security controls and associated data


• Bachelor's degree or equivalent experience

• Minimum of 5-7 years of information security experience

• Prefer CISA, CRISC and / or CISSP certifications

• The candidate must have an in-depth knowledge of Governance, Risk, and Compliance (GRC)

• The candidate must have an in-depth knowledge of information security regulations, industry requirements and generally accepted best practices such as FFIEC, GLBA, PCI DSS, ISO, NIST and CIS Benchmarks

• Sound planning, organizational and problem-solving skills

• Interpersonal, collaboration and facilitation skills

• Effective communication skills (both verbal and written)

• Demonstrated ability to meet deadlines and commitments in an environment that requires multitasking among concurrent activities and frequent shifting of priorities

• Ability to convey security concepts to both technical and non-technical audiences

Company Description
infoedge is a rapidly growing, dynamic management consulting firm that helps our clients effectively use information for success. In healthcare, financial services, products and services, we help our clients improve their customers' experiences, drive profitability, innovate, or manage risk. Our multidisciplinary team offers a variety of services to help our clients succeed by design. We work with the world's leading brands and organizations and deliver impactful, innovative solutions. We offer a highly competitive compensation package that rewards high performers and provides sector-leading benefits and a lively, agile, collaborative work environment.


Sun, 19 Mar 2017 12:47:11 PDT