Cyber Security Specialist (CISO/GRC Focus) jobs in United States

Santcore Technologies · 1 day ago

Cyber Security Specialist (CISO/GRC Focus)

Santcore Technologies is seeking a skilled Cyber Security Specialist to support the CISO organization within a leading U.S. consumer banking environment. This role will play a key part in supporting cybersecurity integration, governance, and risk management activities as part of a strategic acquisition and enterprise security transformation initiative.

Information Technology & Services
No H1B

Responsibilities

Perform cybersecurity gap assessments against enterprise policies, standards, and regulatory frameworks and define remediation strategies
Track and manage identified risks within governance frameworks and ensure closure through coordinated remediation plans
Support post-acquisition cyber integration activities and align systems with enterprise security standards and controls
Coordinate and manage penetration testing, vulnerability management, and security validation efforts
Conduct security risk assessments across applications, infrastructure, cloud, and third-party vendors
Provide security advisory support to CISO, BISO, CIO, and product teams on risk mitigation and security best practices
Support governance, compliance, and oversight activities across multiple cyber domains including: Data security & protection, Third-party/vendor security, Secure configuration & hardening, Cloud & infrastructure security, Application security
Contribute to design and implementation of security solutions and control enhancements
Ensure compliance with enterprise risk management frameworks and regulatory requirements
Work with stakeholders to ensure residual risks are mitigated within acceptable business risk appetite

Qualifications

Cyber Security, GRC, Network security, Cloud security, IAM & access controls, Data protection, Application security, Third-party risk management, NIST CSF, ISO 27001/27002, PCI DSS, CIS Controls, Vulnerability management, Penetration testing, Security monitoring, Secure configurations, Encryption mechanisms, Windows security, Unix security, Stakeholder communication, Governance experience, CISSP, CISM, CRISC, CISA, Documentation experience

Required

5–7 years of experience in Cyber Security, Information Security, or GRC, preferably within CISO organizations or security consulting environments
Strong expertise across multiple cyber domains including: Network security, Cloud security, IAM & access controls, Data protection, Application security, Third-party/vendor risk management
Hands-on experience performing gap assessments, risk analysis, and remediation planning
Strong knowledge of security frameworks and standards: NIST CSF, ISO 27001/27002, PCI DSS, CIS Controls
Understanding of: Vulnerability management & penetration testing, Security monitoring & secure configurations, Encryption & access control mechanisms, Windows/Unix security and network security fundamentals
Experience supporting security governance, compliance tracking, and risk reporting
Strong stakeholder communication and ability to influence risk-based decisions

Preferred

Experience supporting M&A or large-scale security integration programs
Exposure to enterprise cloud and hybrid security environments
Certifications such as CISSP, CISM, CRISC, or CISA (preferred but not mandatory)
Consulting mindset with strong documentation and governance experience

Company

Santcore Technologies

Santcore Technologies is a multidisciplinary IT consulting and solutions firm specializing in cybersecurity, GRC, cloud architecture, application security, digital transformation, and enterprise technology staffing.

Funding

Current Stage
Early Stage
Company data provided by Crunchbase