Related skills: GDPR, ISO 27001, CCPA, GRC, TPRM

Description
- Lead end-to-end GRC and privacy engagements from scope to executive reporting.
- Design governance models: policies, standards, risk appetite, KPIs/KRIs.
- Build enterprise risk programs: risk assessments, risk registers, controls, testing.
- Develop security policies and standards aligned to NIST CSF, ISO 27001, CIS, SOC 2.
- Support regulatory readiness: GDPR/UK GDPR, CCPA/CPRA, HIPAA, PCI DSS.
- Stand up privacy programs: data mapping, DPIAs/PIAs, DSAR, retention, consent.
Requirements
- Five or more years in cybersecurity GRC, privacy, risk management, or consulting; Bachelor's degree.
- Expertise implementing frameworks: NIST CSF, ISO 27001/27002, SOC 2, CIS Controls.
- Strong privacy fundamentals: GDPR/UK GDPR, CCPA/CPRA; HIPAA/GLBA a plus.
- Experience leading risk assessments, control design/testing, policy development, TPRM, regulatory readiness.
- Exceptional written and verbal communication; executive-level deliverables.
- Proven ability to lead teams, manage timelines/budgets, and deliver in client-facing environments.
Benefits
- High-impact work with sophisticated clients and PE portfolio companies.
- Shape and scale a fast-growing Cybersecurity practice.
- Collaborative culture with autonomy, flexibility, and leadership support.
- Competitive compensation and benefits; career growth opportunities.
- Exposure to CFGI service lines across Accounting, CFO, Technology Enablement.
- Focus on career development and ongoing learning.