What are the responsibilities and job description for the GRC Consultant position at Ascend Technologies?
GRC Consultant
This is a fully remote position
PURPOSE
The GRC Cybersecurity Consultant serves as a trusted advisor to Ascend clients, strategically enhancing their cybersecurity posture. This role supports the client’s development, delivery, and continual improvement of comprehensive cybersecurity and compliance programs aligned with frameworks such as NIST CSF, CIS Controls, ISO 27001, HIPAA Omnibus, SOC 2, PCI‑DSS, and other regulatory standards. The consultant also contributes to helping regulated clients prepare for audits (SOC 2, SEC, FDIC, etc.).
This position works closely with both business and technical stakeholders to assess risks, implement controls, develop policies, support audit readiness, review security data, and communicate clear, business‑aligned recommendations. Strong presentation and communication skills are essential for translating complex cybersecurity concepts into actionable insights for diverse audiences.
Responsibilities
Client Engagement & Reporting
The salary for this position is commensurate with experience, skills, and qualifications. The range is intended to reflect our commitment to attracting top talent, and the final offer will be based on factors including, but not limited to, the candidate's previous experience, expertise in the field, relevant certifications, and the specific requirements of the role. In addition, internal equity, market trends, and geographic location may also influence the final salary.
Along with a competitive salary, we offer a comprehensive benefits package, including health, dental, and vision insurance, retirement savings options, flexible time off (FTO), and professional development opportunities. We are open to discussing compensation and benefits further during the interview process to ensure alignment with the candidate’s expectations and experience.
At Ascend Technologies we firmly believe that diversity, equity, and inclusion are not only fundamental values but also powerful drivers of innovation, growth, and success. We are committed to fostering an environment where every individual feels valued, respected, and empowered.
CORE VALUES
We are seeking highly motivated individuals who have the willingness and ability to demonstrate Ascend core values:
Must be able to sit, stand, and bend for the duration of shift. The position is mainly sitting, with occasional lifting up to 50 lbs, such as laptop, server equipment, and, driving to the work site to meet with client(s).
This is a fully remote position
PURPOSE
The GRC Cybersecurity Consultant serves as a trusted advisor to Ascend clients, strategically enhancing their cybersecurity posture. This role supports the client’s development, delivery, and continual improvement of comprehensive cybersecurity and compliance programs aligned with frameworks such as NIST CSF, CIS Controls, ISO 27001, HIPAA Omnibus, SOC 2, PCI‑DSS, and other regulatory standards. The consultant also contributes to helping regulated clients prepare for audits (SOC 2, SEC, FDIC, etc.).
This position works closely with both business and technical stakeholders to assess risks, implement controls, develop policies, support audit readiness, review security data, and communicate clear, business‑aligned recommendations. Strong presentation and communication skills are essential for translating complex cybersecurity concepts into actionable insights for diverse audiences.
Responsibilities
Client Engagement & Reporting
- Generate, analyze, and present cybersecurity service reports and dashboards to demonstrate program efficacy and maturity progress.
- Translate technical risks and data into business‑relevant insights for stakeholders.
- Conduct research and provide guidance on emerging threats, regulatory changes, and new technologies.
- Collaborate with internal resources to review vulnerability scans, penetration test results, and risk assessments.
- Assist clients in developing, reviewing, and maintaining cybersecurity policies, standards, and procedures.
- Support creation and continuous improvement of security governance frameworks aligned to business objectives.
- Conduct cybersecurity risk assessments, control gap analyses, and maturity assessments.
- Identify and evaluate risks, recommend remediation strategies, and track mitigation progress.
- Support maintenance of risk registers and provide leadership reporting.
- Ensure client alignment with regulatory and industry frameworks (NIST, ISO 27001, SOC 2, HIPAA, GDPR, PCI‑DSS, etc.).
- Assist with audit readiness, evidence collection, compliance roadmaps, and remediation activities.
- Perform vendor security assessments and oversee third‑party risk processes.
- Support design, enhancement, and continuous improvement of client security programs.
- Assist with building control frameworks and aligning them with best practices.
- Provide guidance on cybersecurity strategy, roadmaps, and program governance.
- Assist clients with incident response planning, tabletop exercises, and business continuity initiatives.
- Recommend improvements to detection, response, and recovery capabilities.
- Work with Ascend Cybersecurity Leadership to identify improvement opportunities through data analytics and trend analysis.
- Serve as a resource to Solutions Architects regarding cybersecurity professional services and data offerings.
- Facilitate knowledge sharing and adaptability as client priorities evolve.
- Support efficient operations within a leveraged cybersecurity services model.
- Perform additional responsibilities as assigned.
- Strong understanding of regulatory and security frameworks (HIPAA, CMMC, NIST CSF, NIST 800‑53, ISO 27001, SOC 2, etc.).
- Hands‑on experience with risk assessments, control testing, audits, and policy development.
- Excellent written and verbal communication skills.
- Ability to collaborate across technical and non‑technical teams.
- Strong analytical skills and attention to detail.
- Bachelor’s degree in Cybersecurity, Information Systems, or related field, or equivalent experience.
- Professional certifications such as CISSP, CISM, CISA, CRISC, or equivalent.
- Experience with GRC platforms (StandardFusion, Apptega, Vanta, etc.).
- 3 years of relevant cybersecurity and GRC experience, gained through direct industry work, consulting or client‑facing advisory services.
- Strong problem‑solving and critical‑thinking abilities.
- Ability to manage multiple engagements and deadlines.
- Collaborative, customer‑centric mindset.
- High integrity and commitment to confidentiality.
The salary for this position is commensurate with experience, skills, and qualifications. The range is intended to reflect our commitment to attracting top talent, and the final offer will be based on factors including, but not limited to, the candidate's previous experience, expertise in the field, relevant certifications, and the specific requirements of the role. In addition, internal equity, market trends, and geographic location may also influence the final salary.
Along with a competitive salary, we offer a comprehensive benefits package, including health, dental, and vision insurance, retirement savings options, flexible time off (FTO), and professional development opportunities. We are open to discussing compensation and benefits further during the interview process to ensure alignment with the candidate’s expectations and experience.
At Ascend Technologies we firmly believe that diversity, equity, and inclusion are not only fundamental values but also powerful drivers of innovation, growth, and success. We are committed to fostering an environment where every individual feels valued, respected, and empowered.
CORE VALUES
We are seeking highly motivated individuals who have the willingness and ability to demonstrate Ascend core values:
- Committed to Client Success: Our actions and our words always align with the best interest of the client.
- One Team: We work collaboratively to overcome challenges with humility and respect and do what it takes to find innovative solutions.
- Integrity: We are unquestionably committed to doing the right thing even when it is hard.
- Accountability: We hold ourselves and each other accountable for keeping our commitments to our clients, our communities, and one another.
- Transparency: We create open lines of communication with each other and our clients, fostering relationships founded on candor and trust.
Must be able to sit, stand, and bend for the duration of shift. The position is mainly sitting, with occasional lifting up to 50 lbs, such as laptop, server equipment, and, driving to the work site to meet with client(s).
Salary : $100,000