SecureState is actively seeking aSenior Audit and Compliance Consultant (Remote Opportunities Possible)to work on client engagements. The Audit and Compliance team specializes in performing security assessments and audits that are tailored to the business and its executives, including assessments for PCI DSS compliance, HIPAA compliance, and other regulatory security and privacy requirements. The consultant in this position must be able to address both general business and technical issues to assist clients. They will learn SecureState’s methodologies and be able to apply them while learning new industry techniques and standards.

Responsibilities:

• Participate in client kick-off meetings, internal meetings and training as required.
• Complete project work accurately and within deadlines as required.
• Work with SecureState manager to understand project plans and scope for assigned role on engagement.
• Communicate and help resolve engagement issues with SecureState manager.
• Assist in preparing client reports and internal status updates.
• Communicate with project team and keep project information up to date.
• Prepare and conduct meetings with clients and peers to ensure project requirements are completed and your portion of the engagement is fully delivered.
• Develop and maintain effective working relationships with clients and other team members.
• Present work to upper management for review.
• Participate in identifying additional business opportunities by identifying client issues and problems.
• Gain thorough knowledge of and be able to explain SecureState offerings.

Required Qualifications:

• Certifications: CISSP, CISA, PCI QSA, or 5 years of security experience.
• BS Degree in Accounting, Information Systems, or equivalent experience.
• 4-7 years of experience in audit or security assessments.
• Project management skills.
• Business and technical background.
• Detail-oriented skills for documentation of findings and recommendations.

Desired Qualifications:

• Thorough knowledge of multiple security frameworks and regulations such as IS0 27001/27002, PCI DSS, NIST 800-53, NERC CIP, COBIT, and SOC 1/2, PCI, HIPAA, TR-39, SOX, and GLBA.