GRC Consultant II

At CDW, we make it happen, together. Trust, connection, and commitment are at the heart of how we work together to deliver for our customers. It’s why we’re coworkers, not just employees. Coworkers who genuinely believe in supporting our customers and one another. We collectively forge our path forward with a level of commitment that speaks to who we are and where we’re headed. We’re proud to share our story and Make Amazing Happen at CDW.

Job Summary 
Your role at CDW is of the utmost importance to the company’s mission, objectives, and reputation. As a GRC Consultant II, you will support functional areas within security Governance Risk and Compliance (GRC) to minimize information security risk and optimize our compliance efforts. Your ability to work seamlessly in a high-velocity environment, collaborate and build consensus with internal and external subject matter experts across the organization, analyze and solve complex problems, and improve existing processes, will be essential to our success.

The ideal candidate has a strong background in information security risk management, information security standards and compliance requirements, and security GRC frameworks. They are passionate about building strong stakeholder relationships and collaborating with others to solve problems and mitigate risks for the betterment of the organization.
What you will do: 

• Triage IT/security risks reported to Global Information Security (GIS) and identify appropriate risk owners to ensure risks are assessed and responded to.
• Utilizing GRC software to track, monitor, and report on IT/security risks throughout their lifecycle.
• Support ISO 27001, PCI DSS, SOX and other compliance program activities to ensure ongoing compliance.
• Stay updated with the latest regulatory requirements and industry standards to provide expert advice and training on best practices and compliance requirements to stakeholders and promote risk-aware decision-making.
• Track and support mitigation and/or remediation of information security compliance issues
• Support the implementation, maintenance and continuous improvement of a global GRC framework and software/tools.
• Thrive in a fast-paced work environment, remaining organized, composed and effective under pressure.
• Collaborate with business customers to translate information security risks and requirements into business terms.
• Develop and maintain relationships with key stakeholders.

What we expect of you: 

• 3 years of experience in information security risk management, information security compliance, Governance Risk and Compliance (GRC), or related roles. 
• We value experience, skills, drive, aptitude, and attitude over university degrees and certifications.
• Strong analytical, critical thinking, and problem-solving skills.
• Strong interpersonal skills and effective written and verbal communication skills.
• Strong knowledge of multiple regulatory requirements and compliance frameworks (NIST, ISO, SOX, SOC, PCI, GDPR, etc.). 
• Excellent understanding of information security principles, risk assessment methodologies, and security controls. 
• Experience with GRC tools and platforms, a plus.

Pay range: $70,000.00-$97,200.00 depending on experience and skill set
Benefits overview: https://cdw.benefit-info.com/
Salary ranges may be subject to geographic differentials #LI-SC3
 

We make technology work so people can do great things.     

CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. Together, we unite. Together, we win. Together, we thrive.

CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law.