The Brattle Group

www.brattle.com

1 Job

591 Employees

About the Company

The Brattle Group answers complex economic, finance, and regulatory questions for corporations, law firms, and governments around the world. We are distinguished by the clarity of our insights and the credibility of our experts, which include leading international academics and industry specialists. Brattle has over 500 talented professionals across three continents. For more information, please visit brattle.com.

Listed Jobs

Company Name
The Brattle Group
Job Title
Cybersecurity GRC Specialist
Job Description
**Job Title:** Cybersecurity GRC Specialist

**Role Summary:** Implement and manage governance, risk, and compliance (GRC) frameworks to ensure alignment with regulatory standards and organizational policies. Focus on risk mitigation, audit readiness, and promoting ethical compliance practices.

**Expectations:**
- Bachelor’s degree in Business, Law, Information Systems, or related field.
- 3–5 years in GRC, compliance, risk management, or internal audit.
- Certifications (e.g., CRISC, CISA, CIPP, CISSP, CISM) required.

**Key Responsibilities:**
- Develop/maintain policies for compliance with ISO 27001, NIST, SOC 2, GDPR.
- Conduct risk assessments, update risk registers, and manage POA&Ms and ATU artifacts.
- Collaborate with IT/teams to address control deficiencies and regulatory impacts.
- Support internal/external audits via evidence gathering and documentation.
- Lead compliance training, automation initiatives, and continuous monitoring.
- Manage third-party risk documentation, vendor contract reviews, and penetration testing.
- Maintain governance documents, audit trails, compliance logs, and board-level risk reports.

**Required Skills:**
- Proficiency in GRC platforms (ServiceNow, Archer, LogicGate).
- Expertise in risk assessment methodologies (e.g., FAIR) and control frameworks.
- Knowledge of data privacy laws (GDPR) and regulatory compliance requirements.
- Ability to interpret legal regulations into actionable business requirements.
- Experience with control testing, audit processes, and compliance automation tools.

**Required Education & Certifications:**
- Bachelor’s degree in relevant discipline.
- Certifications (CRISC, CISA, CIPP, CISSP, CISM) mandatory.
Boston, United States
Hybrid
Junior
15-10-2025