Senior/Semi Senior ISO Assessment Consultant IRC295286

Description

POSITION SUMMARY

This role will work as part of a team assessing customer organizations against global, regulatory, and industry
requirements as well as publications released by the International Organization for Standardization (ISO). The
team member will initially support experienced project and team leaders and be assigned specific technical and
non-technical engagement segments. This role will develop into a practice Engagement Lead that collaborates
with Project Managers, Directors, and other delivery team members to effectively manage project timelines,
schedules, customer communication, and work product construction.
 
A Senior Consultant on the Global Assurance team enhances the posture and maturity of customer processes
affecting information security and data privacy management through the technical evaluation of governance
programs. This role will evaluate both the design and operating effectiveness of technical controls supporting
management systems and will help identify improvement opportunities for customers.

Requirements

SKILLS

Essential:

• Public-speaking skills set along with an apparent executive presence that solicits attention from
  audiences
• Inquisitive and curious nature with the ability to effectively probe for deeper information
• Attention for detail and quality processes
• Strong consulting skills with a desire to corroborate surface-level discoveries with objective evidence
• Ability to build high-trust relationships, rapport, and credibility quickly with peers and customers
• Strong written and verbal English communication skills, including the ability to explain technical concepts to non-technical audiences
• Personal initiatives toward organization, time management, and learning
• Proficient time management skills when managing multiple tasks

EXPERIENCE

Essential:

• 3-4 years of experience in a privacy related role such as an Privacy Engineer/Technical Privacy Investigator, Privacy Analyst/Specialist, or similar role.
  OR
• 3-4 years of experience as an IT consultant, IT auditor, or similar role but with knowledge of GDPR requirements, ISO 27701, or sector-specific privacy and data security laws at the federal level.
• Prior employment with a professional services firm or an accredited certification body for management systems
• Previous project experience implementing or assessing information assurance frameworks and control sets, such as ISO 27001, ISO 27002, ISO 27017, ISO 27018, ISO 27701, Cloud Controls Matrix (CCM), NIST SP 800-53, or NIST Cyber Security Framework (CSF)
• General knowledge and application of audit planning, testing, and reporting procedures
• Capability to independently research a technical topic and develop logical testing approaches
• Comfort leading customer calls, interview walkthroughs, and inquiry sessions with client points of contact
• Knowledge of current events affecting changes within information security and data privacy practices (e.g., breaches, laws, consent orders and decrees)
• Computer and typing skills that permit rapid data collection during meetings with both internal and external contacts

REQUIRED CERTIFICATIONS

One or more of the following:

Higher priority

• Certification to any of the following audit and assessment schemes in order of relevance: ISO 27701 Lead Audior/ Lead Implementor, ISO 27001 Lead Auditor/ Lead Implementor, ISO 9001 Lead Auditor, ISO 22301 Lead Auditor, ISO 20000-1 Lead Auditor, CISA, CIPP/US, CIPM, or CIPP/E

Lower priority

• Certification to any of the following information security schemes in order of relevance: CCSK, CRISC, CISM, CISSP, CCSP
• Certification to any of the following industry schemes: Amazon Web Services (AWS) Solutions Architect –Associate, AWS SysOps
• Administrator, Microsoft Azure Solutions Architect – Associate, Microsoft Azure Security Engineer – Associate, Google Cloud Platform (GCP) – Associate Cloud Engineer, GCP Professional Cloud Architect, etc.

EDUCATION

• Bachelor’s degree in a relevant field (CIS, MIS, Privacy, Law, Risk Management, or another related field)

Job responsibilities

ESSENTIAL RESPONSIBILITIES — ** focus on Privacy **

• Autonomously leads interview and inquiry walkthroughs with client points of contact to determine the conformity of environments against stated requirements
• Responsible party and primary, first-level reviewer of draft audit planning and reporting material provided by support staff throughout the engagement lifecycle
• Responsible party and final-level reviewer of customer-facing work products prior.
• Works closely with experienced team members to ensure the completeness and accuracy of audit procedures for customer organization scopes
• Pursues and corroborates conclusions derived from inquiry procedures with auditee contacts while ensuring diligent interview notes are captured as a result of direct interactions with customers
• Offline and remote evidence inspection of client-provided documentation with the ability to appropriately mark artifacts requiring follow up or additional clarification from the auditee
• Draft audit programs that sufficiently address both the required objectives of the certification body and the complexity of the client environment
• Adheres to pre-defined project timelines and communicates possible changes to the schedule or scope of work with appropriate internal team members
• Manages priorities and tasks to achieve billable utilization targets established for the role
• Continuous professional development when maintaining subject matter-specific certifications, credentials, and designations
• Collaborates with project managers, quality assurance, and/or other delivery team members to drive customer satisfaction and the timely production of deliverables
• Willing to trains newer resources (both FTE & contractors) on the internal procedures and certification
  body methodology
• Identifies upsell and cross sell opportunities and escalates to practice management
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable supporting engagements
• Establishes and maintains positive collaborative relationships with clients and involved stakeholders
• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value beyond the text described within the audit criteria and learned through exposure with alternate environments
• Remains abreast to regulations or standards that are either in draft or approaching enforcement affecting publications via ISO
• Standard office environment (ability to be successful when working remotely, if necessary)
• Preference to be available for working hours aligning with Eastern Standard Time (EST)
• Passport required

 

What we offer

Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. 

Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.

Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.

Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!

High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.