Cyber Security Specialist (Governance, Risk & Compliance) – w2 only

Job Description

Company: Redolent, Inc

One of our clients is looking for a Security Contracts/Regulations & Third-Party Security Specialist to support their enterprise Cybersecurity Governance, Risk & Compliance team.

Role: Security Specialist (Vendor, Compliance, GRC) – w2 only

– Duration: Six months

– Location: Remote

–

Key Responsibilities:

– Security Contracts: Analyze third-party modifications to the Data Security Addendum (DSA), propose alternative language, and negotiate terms alongside GIS leadership and legal teams.

– Security Regulations: Research and map international cybersecurity regulations to corporate policies; identify misalignments and monitor the global threat landscape.

– Third-Party Security: Conduct vendor security assessments, identify non-compliance issues, and engage vendor leadership to negotiate risk resolutions.

Core Requirements:

– 7+ years of experience in security contract negotiations and third-party assessments within large global financial organizations.

– Deep knowledge of NIST CSF, ISO 27001, FFIEC, and SEC Regulation S-P.

– Expertise using Standard Information Gathering Questionnaires (SIG) and evaluating SOC reports.

– Experience with eGRC platforms such as MetricStream, RSA Archer, or OneTrust.

– Bachelor’s degree in a technical field; CISSP, CISA, CISM, or CRISC certifications are preferred.

– Exceptional executive presence and the ability to communicate complex security topics to senior leadership.

Source: LinkedIn