GRC Consultant at Ascend Technologies | Torre
You'll strategically enhance client cybersecurity postures, translating complex risks into actionable business insights.
Freelance
Recurrent
Compensation USD100k/year
Remote (anywhere)
Shared by
Emma of Torre.ai
2 months ago

Requirements and responsibilities


About the role

The GRC Cybersecurity Consultant serves as a trusted advisor to Ascend clients, strategically enhancing their cybersecurity posture. This role supports the client’s development, delivery, and continual improvement of comprehensive cybersecurity and compliance programs aligned with frameworks such as NIST CSF, CIS Controls, ISO 27001, HIPAA Omnibus, SOC 2, PCI‑DSS, and other regulatory standards. The consultant also contributes to helping regulated clients prepare for audits (SOC 2, SEC, FDIC, etc.). This position works closely with both business and technical stakeholders to assess risks, implement controls, develop policies, support audit readiness, review security data, and communicate clear, business‑aligned recommendations. Strong presentation and communication skills are essential for translating complex cybersecurity concepts into actionable insights for diverse audiences.

Responsibilities

Client Engagement & Reporting
- Generate, analyze, and present cybersecurity service reports and dashboards to demonstrate program efficacy and maturity progress.
- Translate technical risks and data into business‑relevant insights for stakeholders.
- Conduct research and provide guidance on emerging threats, regulatory changes, and new technologies.
- Collaborate with internal resources to review vulnerability scans, penetration test results, and risk assessments.

Governance & Policy
- Assist clients in developing, reviewing, and maintaining cybersecurity policies, standards, and procedures.
- Support creation and continuous improvement of security governance frameworks aligned to business objectives.

Risk Management
- Conduct cybersecurity risk assessments, control gap analyses, and maturity assessments.
- Identify and evaluate risks, recommend remediation strategies, and track mitigation progress.
- Support maintenance of risk registers and provide leadership reporting.

Compliance & Audit
- Ensure client alignment with regulatory and industry frameworks (NIST, ISO 27001, SOC 2, HIPAA, GDPR, PCI‑DSS, etc.).
- Assist with audit readiness, evidence collection, compliance roadmaps, and remediation activities.

Third‑Party Risk Management
- Perform vendor security assessments and oversee third‑party risk processes.

Security Program Development
- Support design, enhancement, and continuous improvement of client security programs.
- Assist with building control frameworks and aligning them with best practices.
- Provide guidance on cybersecurity strategy, roadmaps, and program governance.

Incident Preparedness
- Assist clients with incident response planning, tabletop exercises, and business continuity initiatives.
- Recommend improvements to detection, response, and recovery capabilities.

Internal Collaboration & Continuous Improvement
- Work with Ascend Cybersecurity Leadership to identify improvement opportunities through data analytics and trend analysis.
- Serve as a resource to Solutions Architects regarding cybersecurity professional services and data offerings.
- Facilitate knowledge sharing and adaptability as client priorities evolve.
- Support efficient operations within a leveraged cybersecurity services model.
- Perform additional responsibilities as assigned.

Required Skills, Experience, and Education
- Strong understanding of regulatory and security frameworks (HIPAA, CMMC, NIST CSF, NIST 800‑53, ISO 27001, SOC 2, etc.).
- Hands‑on experience with risk assessments, control testing, audits, and policy development.
- Excellent written and verbal communication skills.
- Ability to collaborate across technical and non‑technical teams.
- Strong analytical skills and attention to detail.

Preferred Skills, Experience, and Education
- Bachelor’s degree in Cybersecurity, Information Systems, or related field, or equivalent experience.
- Professional certifications such as CISSP, CISM, CISA, CRISC, or equivalent.
- Experience with GRC platforms (StandardFusion, Apptega, Vanta, etc.).
- 3+ years of relevant cybersecurity and GRC experience, gained through direct industry work, consulting or client‑facing advisory services.
- Strong problem‑solving and critical‑thinking abilities.
- Ability to manage multiple engagements and deadlines.
- Collaborative, customer‑centric mindset.
- High integrity and commitment to confidentiality.

Compensation & Benefits
- Starting Compensation Range: $100,000 per year.
- Salary commensurate with experience, skills, and qualifications; final offer based on factors including experience, expertise, relevant certifications, specific role requirements, internal equity, market trends, and geographic location.
- Benefits include health, dental, and vision insurance, retirement savings options, flexible time off (FTO), and professional development opportunities.
- Compensation and benefits can be further discussed during the interview process to align with candidate expectations and experience.

Diversity, Equity, and Inclusion

Ascend Technologies believes that diversity, equity, and inclusion are fundamental values and drivers of innovation, growth, and success, and is committed to fostering an environment where every individual feels valued, respected, and empowered.

Core Values
- Committed to Client Success: Our actions and our words always align with the best interest of the client.
- One Team: We work collaboratively to overcome challenges with humility and respect and do what it takes to find innovative solutions.
- Integrity: We are unquestionably committed to doing the right thing even when it is hard.
- Accountability: We hold ourselves and each other accountable for keeping our commitments to our clients, our communities, and one another.
- Transparency: We create open lines of communication with each other and our clients, fostering relationships founded on candor and trust.

Physical Demands

Must be able to sit, stand, and bend for the duration of shift. The position is mainly sitting, with occasional lifting up to 50 lbs, such as laptop, server equipment, and driving to the work site to meet with client(s).