Senior Information Security GRC Specialist

3 hours, 50 minutes ago
Full-time
Senior
Cybersecurity
BHG Financial


BHG Financial is a pioneering financial company that specializes in providing innovative solutions for business professionals, consumers, and financial institutions nationwide. With a focus on technology, analytics, and exceptional service, BHG offers ...

Diversified Financial Services
1K-5K
Founded 2001

Description

  • Own and lead the enterprise Business Continuity and Disaster Recovery (BC/DR) program, including strategy, governance, and execution.
  • Define and maintain BC/DR frameworks, policies, standards, recovery objectives, system tiering, and recovery strategies.
  • Drive enterprise-wide Business Impact Analysis (BIA) processes to identify critical services, dependencies, and recovery priorities.
  • Establish and oversee BC/DR testing strategy, including scenario design, execution, and continuous improvement of recovery capabilities.
  • Evaluate organizational resilience and identify gaps, risks, and opportunities to improve recovery readiness.
  • Advise leadership on resilience risks, recovery tradeoffs, and business continuity investment priorities.
  • Report on BC/DR readiness and testing outcomes to senior leadership and support board-level reporting.
  • Lead or support risk assessments for critical systems, strategic initiatives, and operational processes.
  • Partner with Enterprise Risk Management, Legal, and Technology teams to align BC/DR with broader risk management practices.
  • Drive a culture of resilience and security awareness through training, exercises, and communications.

Requirements

  • 8 years of experience in the Information Security GRC field, or a combination of relevant experience and education.
  • Experience in a BC/DR role with a solid understanding of planning and testing.
  • Bachelor’s degree, ideally in Computer Engineering, Computer Science, Cybersecurity, or Information Systems Management.
  • Current relevant certifications such as CISA, CISM, or CRISC, or willingness to obtain one within 1 year of assignment.
  • Familiarity with compliance requirements such as FFIEC, PCI, GLBA, CCPA, and SOX.
  • Familiarity with information security frameworks such as SOC 2, NIST, ISO, and FISMA.
  • Familiarity with risk frameworks such as OCTAVE, FAIR, ISACA Risk IT, ISO 27005, and NIST CSF.
  • Strong documentation, interpersonal, and communication skills with the ability to adapt communication for business stakeholders.
  • Ability to manage multiple priorities, analyze information, and solve complex problems creatively.
  • Valid U.S. work authorization is required, and the role is not eligible for employer-sponsored immigration.
  • Travel required during the first 6 months, with ongoing travel of approximately 5% annually thereafter.

Benefits

  • Medical, prescription, dental, and vision coverage for employees and eligible family members.
  • Competitive PTO and vacation policies.
  • One Friday off each month for Wellness Weekends.
  • Company 401(k) plan with employer contributions after one year.
  • Company-sponsored training and certification opportunities.
  • Quarterly award ceremonies with additional bonuses for top achievers.
  • Ongoing volunteer opportunities through the BHG Cares program.


