Fueled by our shared passion and expertise, CDW delivers innovative technology solutions for our customers. We’re also committed to fostering an environment that embraces collaboration, celebrates integrity, inclusivity, and individuality, and paves the path for personal and professional growth. Experience a life in balance and join us on the journey forward.
Your role at CDW is of the utmost importance to the company’s mission, objectives, and reputation. As a Senior GRC Consultant I, you will manage functional areas within GRC to minimize risk and optimize our compliance efforts. Your ability to work seamlessly in a high-velocity environment, maintain a risk register, support contract reviews, assess third-party risks, improve existing processes, and handle policy exception workflows will be essential to our success.
The ideal candidate has a strong background in information security, GRC frameworks, and risk management and is focused on continuous process improvement and building strong stakeholder relationships.
What you will do:
- Independently review contractual agreements and requirements related to information security and information technology-related compliance. Identify gaps and develop strategies to meet contractual obligations
- Maintain a comprehensive global security risk register, identifying and evaluating potential risks and their impact on our operations
- Conduct assessments of third-party vendors and partners to ensure they meet our security and compliance standards
- Support the development and maintenance of security related policies
- Manage and document policy exception requests, ensuring alternatives to an exception are considered, and that exceptions are reviewed, approved, and tracked within established timelines
- Support the implementation and maintenance of a global GRC framework and tool
- Analyze data to identify trends, compliance gaps, and areas for risk mitigation
- Collect and prepare risk metrics for various audiences
- Conduct risk assessments to identify, evaluate, and prioritize information security risks. Develop risk mitigation strategies and work with stakeholders to implement controls and measures
- Thrive in a fast-paced work environment, remaining composed and effective under pressure
- Oversee and ensure compliance with regulatory requirements, industry standards, and internal policies
- Stay informed regarding industry trends, regulations, and best practices in GRC to drive ongoing improvements
- Collaborate with business customers to translate information security risks and requirements into business terms
- Facilitate risk discussions, provide guidance, and promote risk-aware decision-making
What we expect of you:
- We value experience, skills, drive, aptitude, and attitude over university degrees and certifications
- 5 years’ experience in information security, GRC, or related roles, with a focus on program maturity and optimization
- Strong analytical, critical thinking, and problem-solving skills
- Strong knowledge of multiple regulatory requirements and compliance frameworks (NIST, ISO, SOX, SOC, PCI, GDPR, etc.)
- Excellent understanding of information security principles, risk assessment methodologies, and security controls
- Experience with GRC tools and platforms is preferred
What you can expect from us:
Diverse, award-winning culture and work/life benefits.
- An inclusive culture that empowers you to bring your best true self and your best ideas. We know diverse perspectives lead to better problem solving and better solutions for our customers.
- A learning environment that empowers you to develop your career with comprehensive resources and support, ongoing education and skills-development training, and robust advancement opportunities.
- Health, dental, and vision coverage; coworker stock purchase program; paid vacation time and sick days; tuition reimbursement; coworker discounts; and other generous perks.
Who we are:
We make technology work so people can do great things.
CDW is a Fortune 500 technology solutions provider to business, government, education, and healthcare organizations in the United States, Canada, and the United Kingdom. We help customers navigate and be successful in an ever-changing world by providing them with the technology advice and solutions they need—when, where, and how they need them. We make technology work so that people can do great things.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.