Sr GRC Consultant II

Description
At CDW, we make it happen, together. Trust, connection, and commitment are at the heart of how we work together to deliver for our customers. It's why we're coworkers, not just employees. Coworkers who genuinely believe in supporting our customers and one another. We collectively forge our path forward with a level of commitment that speaks to who we are and where we're headed. We're proud to share our story and Make Amazing Happen at CDW. Join CDW as a Security Assurance & GRC Lead, where you'll play a critical role in ensuring the effectiveness of our security and compliance programs across global operations. You will be responsible for designing, implementing, and maintaining governance, risk, and compliance (GRC) frameworks, as well as leading security assurance initiatives. Your work will help reduce risk exposure, ensure compliance with regulatory requirements, and strengthen our overall security posture. Key Responsibilities Governance & Compliance:
* Develop the business unit level procedures to align with corporate governance policies, standards, and procedures aligned with industry frameworks (e.g., NIST CSF, ISO 27001, SOC 2, PCI DSS, NIST 800-53).
* Ensure alignment of security controls with regulatory requirements, including privacy laws (GDPR, CCPA, NIST Privacy Framework) and internal compliance obligations.
* Drive compliance initiatives, including third-party security audits, certifications, and regulatory assessments Security Assurance & Risk Management:
* Conduct security control assessments, risk evaluations, and maturity assessments to ensure compliance and operational effectiveness.
* Perform control testing to assess the design and operational effectiveness of security controls, ensuring alignment with best practices.
* Monitor, evaluate, and continuously improve risk management processes, focusing on third-party risk, internal audits, and regulatory compliance.
* Work closely with control owners within the business units, and IT teams to provide guidance on security requirements, evidence collection, and control optimization. Audit & Consulting:
* Provide support for internal and external security audits, risk assessments, and regulatory reviews.
* Establish centralized evidence repositories for compliance documentation and audit readiness.
* Act as a liaison between security, IT, and business teams to ensure audit findings are addressed, risks are mitigated, and controls are optimized.
* Provide consultative support on security risks, best practices, and continuous improvement strategies. Qualifications & Experience
* 7+ years of experience in information security, risk management, or GRC roles.
* 3+ years of hands-on experience in control design, assurance, and audit functions.
* Deep knowledge of security frameworks (NIST CSF, ISO 27001, SOC 2, PCI DSS 4.0, NIST 800-53).
* Familiarity with CMMI maturity models for control evaluation and process improvement.
* Strong understanding of privacy regulations (NIST Privacy Framework, GDPR, CCPA) and data protection principles.
* Excellent analytical and problem-solving skills, with the ability to assess risks and improve control effectiveness.
* Strong communication and stakeholder management skills to work across business and technical teams.
* Preferred Certifications: CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), CISSP (Certified Information Systems Security Professional). Pay range: $ 112,000- $ 154,200 depending on experience and skill set Annual bonus target of 10% subject to terms and conditions of plan Benefits overview: [https://cdw.benefit-info.com/](https://cdw.benefit-info.com/) Salary ranges may be subject to geographic differentials
* We make technology work so people can do great things.
* CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. Together, we unite. Together, we win. Together, we thrive. CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law.