All roles

Open role

Risk Advisory GRC Consultant - Remote (USA)

Remote · South Korea Full-time

About us: At Echelon Risk + Cyber, we believe in defending the basic human right to security and privacy. We are looking for an exceptional Risk Advisory GRC Consultant to support the execution of Risk Advisory client engagements. This includes leading and executing relevant tasks, as well as assisting in developing service deliverables and internal processes that will drive value for the team and clients. Our next team member will be authentic, articulate, and passionate about Cybersecurity, and will be unafraid to roll up their sleeves and dive deep into the unknowns, using their security expertise to identify opportunities to increase Echelon Risk + Cyber's overall capabilities internally and for our clients. At Echelon, you will have the opportunity to engage with systems at the cutting edge of technology. We allow our employees to build from the ground up and make an impact across the organization. We look for driven, proactive people eager to contribute to a distinct and thriving Cybersecurity services organization that can adapt to a rapidly changing environment. This is a remote position from anywhere in the USA. What You Will Do:

  • Perform SOC 2 Type I/II readiness assessments and support attestation engagements, including scoping, control evaluation, gap identification, and remediation guidance
  • Conduct ISO 27001 gap assessments, internal audits, and certification support engagements for clients across a range of industries and sizes
  • Test and evaluate IT General Controls (ITGCs) across client environments, documenting findings and providing actionable remediation recommendations
  • Support PCI DSS, HITRUST, HIPAA, and CMMC Level 2 compliance assessments as client workload requires
  • Prepare and review audit workpapers, evidence requests, control narratives, and client-facing deliverables to a consistent standard of quality
  • Work directly with clients to identify and assess information security risks, develop security policies and procedures, and provide practical remediation guidance
  • Contribute to incident response planning, tabletop exercises, and business continuity engagements as part of Echelon's broader advisory portfolio
  • Manage multiple concurrent client engagements, balancing priorities and delivering quality results on schedule
  • Build strong internal and client relationships through clear written and verbal communication, translating technical findings for both technical and non-technical audiences
  • Stay current with evolving compliance frameworks, audit standards, and security threats to strengthen client services and internal methodologies
  • Demonstrate thought leadership by creating content for the organization's website and blog, and through involvement in the cybersecurity community

Your Knowledge, Skills, and Abilities:

  • 2–4 years of hands-on experience in IT audit, compliance, or GRC consulting, with a focus on SOC 2 Type I/II audits, ISO 27001 assessments, or related attestation engagements
  • Demonstrated understanding of IT General Controls (ITGCs), Trust Services Criteria, and audit standards such as SSAE 18 or ISAE 3402, with additional exposure to incident response planning and business continuity concepts.
  • Ability to conduct risk assessments, compliance reviews, and readiness evaluations across frameworks, including SOC 2, ISO 27001, PCI DSS, HITRUST, and HIPAA
  • Strong analytical skills with the ability to identify and assess complex risk scenarios and offer practical solutions
  • Familiarity with leading GRC tools and technologies to support compliance and risk management initiatives
  • Excellent communication and presentation skills, capable of articulating technical concepts to technical and non-technical audiences
  • Strong project management skills, including managing multiple engagements and deliverables simultaneously while maintaining high quality and client satisfaction standards
  • Prior experience at a Big 4 firm, a mid-tier CPA/advisory firm, or a boutique IT audit/attestation firm is strongly preferred
  • Applicants must have authorization to work in the United States without current or future visa sponsorship.

Preferred Qualifications:

  • Already certified in, or currently pursuing, one or more of the following: CISA, CIA, CPA, CISSP, and/or ISO 27001 Lead Auditor
  • Experience with the incident response lifecycle
  • Experience developing project plans and timelines
  • Track record of high-volume SOC 2 or ISO 27001 engagement delivery in a client-facing consulting or attestation role
  • Exposure to FedRAMP, CMMC, or other government compliance frameworks

Why Echelon? We are committed to creating an inclusive environment for our team with unquestioned integrity. If you have a special need that requires accommodation, please let your recruiter know. One of our core values is "People with Personality," and we want to allow you the space to bring your full self to work. We currently offer the following benefits:

  • Access to medical, dental, and vision ins

More open positions

GRC Analyst at Suzy Remote

Work from home Full-time role

REMOTE - Information Security GRC Analyst III - R12694

Work from home Full-time role

Governance, Risk & Compliance (GRC) Analyst – RSA Archer | Remote (EST Time Zone)

Work from home Full-time role

GRC Analyst (AuditBoard REQUIRED) (468968)

Work from home Full-time role

Senior Analyst, Cyber Risk Quantification and GRC

Work from home Full-time role

[Remote] Director of SBU Operations (Financial Services & Capital Markets)

Work from home Full-time role

Clinical Nurse Coding Auditor

Work from home Full-time role

ADO Administrator @ Fully Remote on W2 only || [email protected]

Work from home Full-time role

Work-from-Home Customer Success Associate

Work from home Full-time role

Communications Specialist/Technical Writer (Remote Opportunity)

Work from home Full-time role

28 hours per week or more Virtual Psychiatric Nurse Practitioner ARNP Telehealth with Anywhere Wellness

Work from home Full-time role

Senior Software Engineer - SAP S4 - Cash Applications & Treasury Investments (Remote)

Work from home Full-time role

Work from Home Customer Service Representative at CVS Health

Work from home Full-time role

[Remote] Business Analyst, Fan-Based Marketing

Work from home Full-time role

Telephonic Case Manager, Anywhere

Work from home Full-time role

Senior Revenue Accountant

Work from home Full-time role

[Remote] Product Manager

Work from home Full-time role

QA Analyst / Software Tester - Remote (Entry Level)

Work from home Full-time role

Experienced Part-Time Evening Remote Chat Support Agent – Flexible Schedule

Work from home Full-time role

Experienced Remote Data Entry/Mail Room Clerk – Administrative Support Specialist for careerzynith

Work from home Full-time role

Sr. Product Manager, Authorization & Network Connectivity

Work from home Full-time role