We are seeking a proactive, articulate, and client-focused Security and Compliance Consultant to partner with organizations in designing, managing, and implementing comprehensive Governance, Risk, and Compliance (GRC) programs. This role requires strong verbal communication skills and the ability to confidently interact with clients on video calls.
As a Security and Compliance Consultant, you will guide clients through complex frameworks, including NIST 800-53, SOC 2, ISO 27001, FedRAMP, and other regulations like GDPR and HIPAA. You will play a key role in preparing clients for third-party certifications, ensuring long-term compliance, and maturing security posture.
Our consultants specialize in the following key areas:
- IT Compliance Frameworks & Certifications (SOC 2, ISO 27001, NIST 800-53, FedRAMP, HIPAA, GDPR, CCPA)
- Governance, Risk, and Compliance (GRC)
- Information Security & Risk Management
- Cybersecurity Best Practices & Regulatory Requirements
- Audit Readiness & Continuous Compliance
- Data Privacy & Security Policies
Responsibilities of Security and Compliance Consultant:
- Client Management
- Develop and maintain comprehensive client compliance project plans utilizing Neutral Partners’ supplied tools to align the client’s audit schedule and detail critical activities for security compliance.
- Provide clients with regular updates on IT and security compliance trends specific to their programs, ensuring they remain informed and proactive in their compliance efforts.
- Certification Guidance
- Lead clients through the complete lifecycle of IT/security certifications, including SOC 2, ISO 27001, FedRAMP, and others.
- Assessment and Gap Analysis
- Conduct comprehensive evaluations of clients’ existing security controls and practices to identify areas for improvement.
- Identify gaps in compliance with certification standards and provide actionable recommendations for remediation.
- Establish and manage a risk management process that aligns with the clients’ selected security framework, ensuring ongoing compliance and risk mitigation.
- Policy and Procedure Development
- Draft, review, and update security policies, procedures, and documentation to align with certification requirements.
- Ensure that all necessary documentation is comprehensive, up-to-date, and audit-ready.
- Implementation Support
- Guide clients in the implementation of security controls, technologies, and best practices necessary for certification.
- Provide recommendations in configuring security tools, conducting internal audits, and preparing for external audits.
- Client Training and Education
- Educate clients on the certification process, including key milestones, deliverables, and expectations.
- Conduct training sessions to ensure client teams are equipped with the knowledge and skills needed to maintain compliance.
- Audit Preparation and Liaison
- Prepare clients for external audits by conducting pre-audit assessments, mock audits, and audit readiness reviews.
- Serve as the primary point of contact for auditors, facilitating a smooth and successful audit process by addressing inquiries and coordinating necessary documentation.
- Continuous Improvement
- Stay updated on the latest developments in security standards, regulations, and certification requirements to provide informed guidance.
- Continuously improve consulting methodologies and tools to enhance the client experience and outcomes.
Required Qualifications:
- Exceptional verbal communication skills and ability to present confidently on video calls.
- Experience with enterprise security architectures, risk management, and compliance.
- Strong ability to work independently in a remote environment.
- Deep understanding of compliance frameworks such as NIST CSF, SOC 2, ISO 27001, and knowledge of privacy laws such as GDPR and CCPA.
Desired Qualifications for Security and Compliance Consultant:
- Certifications such as CISSP, CISA, CISM, or ISO 27001 Lead Auditor/Implementer.
- Bachelor’s degree in information technology, cybersecurity, or a related field.
- Extensive knowledge of NIST 800-53.
- Extensive knowledge of SOC 2 Trust Services Criteria.
- Extensive knowledge of ISO 27001 standards.
- Extensive understanding of HIPAA/HITECH Security Rule.
- Demonstrated experience in writing policies, procedures, and other documentation within various information security frameworks.
- Demonstrated experience in performing security and privacy risk assessments.
- Demonstrated experience in performing compliance assessments and implementing regulatory requirements.
Traits that Fit a Security and Compliance Consultant:
- Confident speaker who can clearly communicate compliance concepts on camera.
- Proactive self-starter who takes ownership of tasks and seeks solutions without micromanagement.
- Results-driven mindset, focused on helping clients successfully achieve compliance.
- Strong organizational skills, able to manage multiple projects simultaneously.
- Ability to work autonomously in a fully remote setting.
- Fast learner who quickly adapts to changing compliance requirements.
Position Details:
- Full-time, Remote
Why Join Neutral Partners:
- Work with a dynamic team focused on high-impact compliance projects.
- Help organizations achieve and maintain critical security certifications.
- Fully remote role with flexibility and autonomy.