SR ISO Assessment Consultant IRC295881

Description

POSITION SUMMARY

This role will work as part of a team assessing customer organizations against global, regulatory, and industry
requirements as well as publications released by the International Organization for Standardization (ISO). The
team member will initially support experienced project and team leaders and be assigned specific technical and
non-technical engagement segments. This role will develop into a practice Engagement Lead that collaborates
with Project Managers, Directors, and other delivery team members to effectively manage project timelines,
schedules, customer communication, and work product construction.
 
A Senior Consultant on the Global Assurance team enhances the posture and maturity of customer processes
affecting information security and data privacy management through the technical evaluation of governance
programs. This role will evaluate both the design and operating effectiveness of technical controls supporting
management systems and will help identify improvement opportunities for customers.

Requirements

SKILLS

Essential:

• Public-speaking skills set along with an apparent executive presence that solicits attention from
  audiences
• Inquisitive and curious nature with the ability to effectively probe for deeper information
• Attention for detail and quality processes
• Strong consulting skills with a desire to corroborate surface-level discoveries with objective evidence
• Ability to build high-trust relationships, rapport, and credibility quickly with peers and customers
• Strong written and verbal communication skills, including the ability to explain technical concepts to non-technical audiences
• Personal initiatives toward organization, time management, and learning
• Proficient time management skills when managing multiple tasks

EXPERIENCE

Essential:

• 4-6 years of experience in a privacy related role such as an Privacy Engineer/Technical Privacy Investigator, Privacy Analyst/Specialist, or similar role.
  OR
• 4-6 years of experience as an IT consultant, IT auditor, or similar role but with knowledge of GDPR requirements, ISO 27701, or sector-specific privacy and data security laws at the federal level.
• Prior employment with a professional services firm or an accredited certification body for management systems
• Previous project experience implementing or assessing information assurance frameworks and control sets, such as ISO 27001, ISO 27002, ISO 27017, ISO 27018, ISO 27701, Cloud Controls Matrix (CCM), NIST SP 800-53, or NIST Cyber Security Framework (CSF)
• General knowledge and application of audit planning, testing, and reporting procedures
• Capability to independently research a technical topic and develop logical testing approaches
• Comfort leading customer calls, interview walkthroughs, and inquiry sessions with client points of contact
• Knowledge of current events affecting changes within information security and data privacy practices (e.g., breaches, laws, consent orders and decrees)
• Computer and typing skills that permit rapid data collection during meetings with both internal and external contacts

REQUIRED CERTIFICATIONS

One or more of the following:

Higher priority

• Certification to any of the following audit and assessment schemes in order of relevance: ISO 27701 Lead Audior/ Lead Implementor, ISO 27001 Lead Auditor/ Lead Implementor, ISO 9001 Lead Auditor, ISO 22301 Lead Auditor, ISO 20000-1 Lead Auditor, CISA, CIPP/US, CIPM, or CIPP/E

Lower priority

• Certification to any of the following information security schemes in order of relevance: CCSK, CRISC, CISM, CISSP, CCSP
• Certification to any of the following industry schemes: Amazon Web Services (AWS) Solutions Architect –Associate, AWS SysOps
• Administrator, Microsoft Azure Solutions Architect – Associate, Microsoft Azure Security Engineer – Associate, Google Cloud Platform (GCP) – Associate Cloud Engineer, GCP Professional Cloud Architect, etc.

EDUCATION

• Bachelor’s degree in a relevant field (CIS, MIS, Privacy, Law, Risk Management, or another related field)

Job responsibilities

ESSENTIAL RESPONSIBILITIES — ** focus on Privacy **

• Autonomously leads interview and inquiry walkthroughs with client points of contact to determine the conformity of environments against stated requirements
• Responsible party and primary, first-level reviewer of draft audit planning and reporting material provided by support staff throughout the engagement lifecycle
• Responsible party and final-level reviewer of customer-facing work products prior.
• Works closely with experienced team members to ensure the completeness and accuracy of audit procedures for customer organization scopes
• Pursues and corroborates conclusions derived from inquiry procedures with auditee contacts while ensuring diligent interview notes are captured as a result of direct interactions with customers
• Offline and remote evidence inspection of client-provided documentation with the ability to appropriately mark artifacts requiring follow up or additional clarification from the auditee
• Draft audit programs that sufficiently address both the required objectives of the certification body and the complexity of the client environment
• Adheres to pre-defined project timelines and communicates possible changes to the schedule or scope of work with appropriate internal team members
• Manages priorities and tasks to achieve billable utilization targets established for the role
• Continuous professional development when maintaining subject matter-specific certifications, credentials, and designations
• Collaborates with project managers, quality assurance, and/or other delivery team members to drive customer satisfaction and the timely production of deliverables
• Willing to trains newer resources (both FTE & contractors) on the internal procedures and certification
  body methodology
• Identifies upsell and cross sell opportunities and escalates to practice management
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable supporting engagements
• Establishes and maintains positive collaborative relationships with clients and involved stakeholders
• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value beyond the text described within the audit criteria and learned through exposure with alternate environments
• Remains abreast to regulations or standards that are either in draft or approaching enforcement affecting publications via ISO
• Standard office environment (ability to be successful when working remotely, if necessary)
• Preference to be available for working hours aligning with Eastern Standard Time (EST)
• Passport required

 

What we offer

Exciting Projects: Come take your place at the forefront of digital transformation! With clients across all industries and sectors, we offer an opportunity to work on market-defining products using the latest technologies.

Collaborative Environment:Expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment — or even abroad in one of our global centers or client facilities!

Work-Life Balance:GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules.We offer you the best quality of work life so that you exceed the expectations of our clients, while achieving your professional and personal ambitions.

Professional Development:Our dedicated Learning & Development team regularly organizes English classes, professional certifications, and technical and soft skill trainings. We also offer the chance to travel internationally

Excellent Benefits:We provide our employees with competitive salaries, family medical insurance, extended paternity leave, annual performance bonuses, and referral bonuses.

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.