Cyber Security Specialist (Governance, Risk & Compliance) - w2 only
One of our clients is looking for a Security Contracts/Regulations & Third-Party Security Specialist to support their enterprise Cybersecurity Governance, Risk & Compliance team. Role: Security Specialist (Vendor, Compliance, GRC) - w2 only - Duration: Six months - Location: Remote - Key Responsibilities: - Security Contracts: Analyze third-party modifications to the Data Security Addendum (DSA), propose alternative language, and negotiate terms alongside GIS leadership and legal teams. - Security Regulations: Research and map international cybersecurity regulations to corporate policies; identify misalignments and monitor the global threat landscape. - Third-Party Security: Conduct vendor security assessments, identify non-compliance issues, and engage vendor leadership to negotiate risk resolutions. Core Requirements: - 7+ years of experience in security contract negotiations and third-party assessments within large global financial organizations. - Deep knowledge of NIST CSF, ISO 27001, FFIEC, and SEC Regulation S-P. - Expertise using Standard Information Gathering Questionnaires (SIG) and evaluating SOC reports. - Experience with eGRC platforms such as MetricStream, RSA Archer, or OneTrust. - Bachelor’s degree in a technical field; CISSP, CISA, CISM, or CRISC certifications are preferred. - Exceptional executive presence and the ability to communicate complex security topics to senior leadership. Apply tot his job Apply To this Job