Information Security / GRC (Governance, Risk, and Compliance) Consultant

Alpharetta, GA
Professional Services – Professional Services /
Full-time /
Hybrid
Apply for this job
At PDI Technologies, we empower some of the world's leading convenience retail and petroleum brands with cutting-edge technology solutions that drive growth and operational efficiency. 

By “Connecting Convenience” across the globe, we empower businesses to increase productivity, make more informed decisions, and engage faster with customers through loyalty programs, shopper insights, and unmatched real-time market intelligence via mobile applications, such as GasBuddy.  We’re a global team committed to excellence, collaboration, and driving real impact. Explore our opportunities and become part of a company that values diversity, integrity, and growth.

Role Overview:
An Information Security / GRC Consultant ensures that an organization's information systems are secure and compliant with internal policies and external regulations. They advise on best practices, develop security policies, and help with risk assessments and audits.

Core Responsibilities


      • Risk Management
    • Perform risk assessments and gap analyses
    • Identify and prioritize vulnerabilities and threats
    • Recommend mitigation strategies
      • Governance & Compliance
    • Develop and implement IT governance frameworks
    • Provide advisory services focused on compliance with regulations and standards including (but not limited to):
    • HIPAA
    • PCI-DSS
    • SOX
    • GLBA
    • FISMA
    • CMMC
      • Security Policy and Documentation
    • Create and maintain security policies, procedures, and standards.
    • Support the development of Business Continuity and Disaster Recovery Plans
      • Audit & Monitoring
    • Prepare for internal and external audits.
    • Support ongoing compliance reporting and evidence collection.
      • Advisory & Training
    • Advise on cybersecurity investments and architecture
    • Provide security awareness training
    • Act as a liaison between technical teams and leadership

Skills and Qualifications


      • Technical Knowledge:
    • Familiarity with firewalls, intrusion detection/prevention, endpoint security, identity management
    • Mastery of networking, operating system, and software development fundamentals
    • Understanding of cloud security (AWS, Azure, GCP)
    • Experience with tools like Nessus, Qualys, Splunk, Archer, ServiceNow GRC
      • Frameworks & Standards:
    • NIST (800-53, CSF), ISO/IEC 27001
    • CIS Critical Security Controls
    • FedRAMP, HITRUST, SOC 2
      • Soft Skills:
    • Strong communication and documentation skills
    • Analytical thinking
    • Ability to manage multiple stakeholders
    • Results-oriented time management
      • Certifications:
    • CISSP (Certified Information Systems Security Professional)
    • CCSP (Certified Cloud Security Professional)
    • CISA (Certified Information Systems Auditor)
    • CRISC (Certified in Risk and Information Systems Control)
    • CISM (Certified Information Security Manager)

PDI is committed to offering a well-rounded benefits program, designed to support and care for you, and your family throughout your life and career.  This includes a competitive salary, market-competitive benefits, and a quarterly perks program. We encourage a good work-life balance with ample time off [time away] and, where appropriate, hybrid working arrangements.  Employees have access to continuous learning, professional certifications, and leadership development opportunities. Our global culture fosters diversity, inclusion, and values authenticity, trust, curiosity, and diversity of thought, ensuring a supportive environment for all.
Apply for this job

PDI Technologies Home Page

Jobs powered by Lever logo