Xantrion is hiring a
Senior Cybersecurity GRC Consultant in Worldwide

Summary

Xantrion is hiring a Senior Cybersecurity Consultant to aid clients and Xantrion in achieving and maintaining compliance with security standards. The position involves governance, risk, and compliance consulting (60%) and internal compliance (40%).

Requirements

• 8+ years of experience in cybersecurity governance, risk, and compliance, with a focus on common certification and attestation requirements (e.g., FedRAMP, CMMC, PCI DSS, ISO 27001, SOC2, HIPAA)
• Professional experience conducting security assessments and leading implementation of common security frameworks (e.g., NIST 800-171, NIST 800-53, NIST CSF, SOC2, HITRUST, ISO 27001)
• Self-starter with the ability to work independently, proactively take ownership of work, and drive engagements to provide value to clients
• Strong analytical and problem-solving skills, particularly in information systems, cybersecurity, and privacy
• Proven ability to manage projects, meet deadlines, and achieve high levels of quality
• Excellent organizational, writing, and communication skills

Responsibilities

• Lead expert consulting engagements helping business leaders understand regulatory requirements and risk
• Develop right-sized cybersecurity and resiliency programs alongside Xantrion technical engineers
• Perform risk-assessments, policy development, and tabletop exercises for clients and vendors
• Conduct gap-analysis against cybersecurity frameworks and develop remediation plans
• Design and develop security policies, standards, and procedures across various domains including System Security Plans, business continuity, and incident response
• Lead client meetings and workshops, create client-facing presentations and reports
• Offer ongoing guidance to Xantrion’s cybersecurity practice ensuring our services are always ‘audit-ready’
• Work cross-functionally, building on our existing SOC2 program to prepare for ISO 27001 and CMMC certification
• Drive internal audits to assess compliance and identify areas for improvement
• Serve as a primary liaison to external auditors, assessors, and examiners

Preferred Qualifications

Relevant training and certifications (e.g., CCP, CCA, CISSP, CISA, CISM, ISO 27001 Lead Implementor) are strongly preferred

Benefits

• Salary $125K – 175K
• 100% of medical, dental, and vision for you and your family
• Certification and training reimbursement
• 17 Days PTO per year (in addition to training allowance)
• 401K match up to 4% of salary