Related skills
GDPR, ISO 27001, CCPA, TPRM, SOC 2
📋 Description
- Lead end-to-end GRC & privacy engagements, from scoping to executive reporting.
- Design and operationalize governance models: policies, standards, KPI/KRIs.
- Build mature risk programs: risk assessments, risk registers, control libraries, testing.
- Develop security policies aligned to NIST CSF, ISO 27001/27002, SOC 2, CIS.
- Support regulatory readiness for GDPR/UK GDPR, CCPA/CPRA, NYDFS 500, HIPAA, PCI DSS.
- Stand up privacy programs: data mapping, DPIAs/PIAs, DSAR, retention, consent, third-party risk.
🎯 Requirements
- Eight+ years in cybersecurity GRC, privacy, risk management, or consulting.
- Bachelor’s degree in a relevant field.
- Expertise implementing NIST CSF, ISO 27001/27002, SOC 2, CIS Controls.
- Strong privacy fundamentals; GDPR/UK GDPR, CCPA/CPRA; HIPAA/GLBA a plus.
- Experience leading enterprise security risk assessments, controls design, TPRM, and regulatory readiness.
- Exceptional written and verbal communication with executive-level deliverables.
🎁 Benefits
- High-impact work with sophisticated clients and PE firms.
- Shape and scale a fast-growing Cybersecurity practice.
- Collaborative culture with autonomy and strong leadership.
- Competitive compensation, benefits, and career growth.