true GRC Consultant II
Fueled by our shared passion and expertise, CDW delivers innovative technology solutions for our customers. We’re also committed to fostering an environment that embraces collaboration, celebrates integrity, inclusivity, and individuality, and paves the path for personal and professional growth. Experience a life in balance and join us on the journey forward.
Your role at CDW is of the utmost importance to the company’s mission, objectives, and reputation. As a GRC Consultant II, you will support functional areas within security Governance Risk and Compliance (GRC) to minimize information security risk and optimize our compliance efforts. Your ability to work seamlessly in a high-velocity environment and support security GRC operations by assessing third-party risks, assisting with ISO 27001 and other compliance activities, supporting the records retention and information governance program, and assisting with the development and implementation of GRC strategies and frameworks will be essential to our success.
The ideal candidate has a strong background in security risk management, information governance, information security standards and compliance requirements, and GRC frameworks and is passionate about collaborating with others to solve problems and mitigate risks for the betterment of the organization.
What you will do:
- Support ISO 27001 and other compliance program activities to ensure ongoing compliance.
- Support the implementation and maintenance of a global GRC framework and tool.
- Conduct risk assessments to identify, evaluate, and prioritize information security risks, develop risk mitigation strategies and work with stakeholders to implement appropriate controls and measures.
- Conduct assessments to evaluate technical and IT operational controls readiness against regulatory and industry standards and certification requirements.
- Provide expert advice and training to stakeholders on compliance requirements and GRC best practices and strategies.
- Track and support mitigation and/or remediation of information security risk and compliance issues
- Facilitate security risk discussions, provide guidance, and promote risk-aware decision-making.
- Timely and complete execution of all assigned work, meeting all defined targets, objectives, and SLAs, to support day-to-day capabilities/programs.
- Assist business customers with understanding and implementing records retention and information governance control requirements.
- Thrive in a fast-paced work environment, remaining composed and effective under pressure.
- Collaborate with business customers to translate information security risks and requirements into business terms.
- Develop and maintain relationships with key stakeholders
What we expect of you:
- We value experience, skills, drive, aptitude, and attitude over university degrees and certifications.
- 3 years’ experience in information security, Governance Risk and Compliance (GRC), or related roles
- Strong analytical, critical thinking, and problem-solving skills
- Strong interpersonal skills and effective written and verbal communication skills
- Strong knowledge of multiple regulatory requirements and compliance frameworks (NIST, ISO, SOX, SOC, PCI, GDPR, etc.)
- Excellent understanding of information security principles, risk assessment methodologies, and security controls
- Experience with GRC tools and platforms is preferred.
What you can expect from us:
Diverse, award-winning culture and work/life benefits.
- An inclusive culture that empowers you to bring your best true self and your best ideas. We know diverse perspectives lead to better problem solving and better solutions for our customers.
- A learning environment that empowers you to develop your career with comprehensive resources and support, ongoing education and skills-development training, and robust advancement opportunities.
- Health, dental, and vision coverage; coworker stock purchase program; paid vacation time and sick days; tuition reimbursement; coworker discounts; and other generous perks.
Who we are:
We make technology work so people can do great things.
CDW is a Fortune 500 technology solutions provider to business, government, education, and healthcare organizations in the United States, Canada, and the United Kingdom. We help customers navigate and be successful in an ever-changing world by providing them with the technology advice and solutions they need—when, where, and how they need them. We make technology work so that people can do great things.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.