Apply on Employer Site

CDW · 1 day ago

GRC Consultant II - Contract-To-Perm

United States

Contract

Remote

Mid Level

$70K/yr - $85K/yr

3+ years exp

CDW is a company that emphasizes trust and commitment in delivering services to its customers. The GRC Consultant II will support the Global Information Security organization in maintaining compliance with various cybersecurity frameworks and assist with documentation, control validation, and risk management activities.

AnalyticsArtificial Intelligence (AI)Cyber SecurityGraphic DesignHardwareInformation TechnologySoftware

No H1B

U.S. Citizen Only

Hiring Manager

Stephanie Calk (She/Her)

Responsibilities

Work with control owners to ensure timely execution and effectiveness of controls

Conduct interviews for security controls and collect objective evidence for compliance assessment

Develop and update Operational Plan of Action (OPA) to address gaps and compliance issues

Remediate findings, track progress, and reassess post-remediation

Draft, update, and finalize System Security Plan (SSP) for systems in scope and new systems under evaluation

Use the GRC platform to manage controls effectiveness status, documentation, and evidence

Update or create policies and procedures to support compliance

Develop detailed architecture and data flow diagrams for all in-scope systems

Review and document all connections (APIs, ports, protocols, services) for in-scope systems and physical locations

Identify and document all external and cloud service providers associated with in-scope environments

Perform other work as assigned to support overall Security Risk Management team objectives

Qualification

CMMC Level 2NIST SP 800-171Security Risk ManagementSystem Security Plan (SSP)Architecture DocumentationCloud Service ComplianceAnalytical SkillsCCMC Certified ProfessionalCISSPCISADocumentation SkillsCritical ThinkingProblem-Solving SkillsCommunication SkillsAttention to DetailInterpersonal Skills

Required

Bachelor's degree with 3 years of experience in security risk management, audit, compliance, or related roles, to include 1-year hands on experience with CMMC Level 2, NIST SP 800-171, or similar frameworks, OR

7 years of total Information Technology experience including 3 years of experience in security risk management, audit, compliance or related roles, to include 1-year hands on experience with CMMC Level 2, NIST SP 800-171, or similar frameworks

Strong understanding of SSP, documentation and remediation activities, and compliance evidence gathering

Experience with architecture documentation and data flow diagrams

Understanding of APIs, ports, protocols, and system interconnections

Knowledge of cloud service provider compliance requirements

We value experience, skills, drive, aptitude, and attitude towards university degrees and certifications

Strong analytical, documentation, critical thinking, and problem-solving skills

Strong attention to detail and ability to understand legal requirements in contracts

Ability to conduct interviews and communicate effectively with technical and non-technical stakeholders

Preferred

CCMC Certified Professional (CCP), CISSP, CISA or similar compliance/security certifications, a plus

Master's degree, a plus

Company

CDW

Glassdoor3.9

At CDW, we know how to make technology work so people can do great things.

Founded in 1984

Vernon Hills, Illinois, USA

10001+ employees

http://cdw.com

Funding

Current Stage

Public Company

Total Funding

$58.74M

2015-08-01Post Ipo Equity· $58.74M

2013-06-27IPO

2008-07-31Series Unknown

Leadership Team

Christine Leahy

President & CEO

Sanjay Sood

Chief Technology Officer

Recent News

Government Technology US

FETC26: How to Navigate New Changes to E-Rate

2026-01-16

EIN Presswire

Templar Shield and CDW Announce Strategic Partnership

2026-01-05

MarketScreener

CDW Corp enters $2,884.5 million senior unsecured credit facility - SEC filing

2025-12-24

Company data provided by crunchbase