Security Specialist - Compliance


Cybersecurity Services Manager



Start Date:


Travel Requirements:

Up to 65%

Position Description

The Security Specialist provides foundational business-focused cybersecurity solutions, including risk assessment, governance, data classification, policies, controls and procedures, awareness, vendor risk management, and incident response. Other responsibilities include leading delivery of client solutions and acting as a trusted advisor to help solve business-critical problems. This position is a critical member of a cybersecurity-focused business solution team, composed of capable and high-caliber cybersecurity professionals.

Position Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Plan and participate in compliance assessment and program development activities based on ISO standards such as 27001, 27017, 27018, 22301 and SOC 2
  • Advise and consult with Clients in a wide range of compliance and security domains, including risk assessment, awareness, incident response, penetration testing and vulnerability assessment
  • Contribute to project management, communications and other activities required for successful service delivery
  • Maintain proficiency in and awareness of security services, industry trends, tactics, techniques, and procedures
  • Maintain proficiency with security tools, where applicable
  • Act as a cybersecurity resource for GreyCastle Security Clients
  • Initiate and participate in process improvement
  • Present compliance concepts to senior management, board members and key stakeholders, as necessary
  • Participate in Client conversations and interviews in a professional and meaningful way
  • Participate in risk management activities to support creation and adoption of a risk management strategy

Corporate Responsibility

Information security is everyone's responsibility:

  • Understanding and following GreyCastle Security’s information security policies and procedures.
  • Remaining vigilant and reporting any suspicious activity or possible weaknesses in GreyCastle Security’s information security.
  • Actively participating in GreyCastle Security’s efforts to maintain and improve information security.

Supervisory Responsibility

This position has no supervisory responsibilities.

Work Environment

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms.

This position requires the ability to occasionally lift office products and supplies, up to 20 pounds.

Position Type/Expected Hours of Work

This is a full-time position, and hours of work and days are Monday through Friday, 8:00 a.m. to 5 p.m.

Required Education and Experience

  • 3+ years of experience in the cybersecurity industry working with business customers
  • Bachelor’s Degree or equivalent professional experience in cybersecurity industry
  • Demonstrated proficiency in leading and supporting cybersecurity services, including but not limited to asset-based risk assessment, gap assessment, documentation development, and internal
  • Demonstrated experience implementing core services to meet industry accepted standards and ISO 27001, 27001, 27017, 27018, 22301 and SOC 2 compliance
  • Proficient in presenting to senior-level customer staff
  • ISO 27001:2013 Lead Auditor Certificate preferred
  • Other Duties

    Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

    Equal Opportunity Employer

    GreyCastle Security is an equal opportunity employer, and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status, or any other protected factors or classes.