Job Description & Details
Governance, Risk, and Compliance (GRC) expertise is in high demand as organizations tighten security and regulatory standards. This senior-level role in Atlanta offers a chance to lead GRC initiatives for large enterprises in aerospace and manufacturing. Joining as a contract consultant lets you apply deep technical knowledge while enjoying the flexibility of a project‑based engagement.
Job Summary
We are seeking a Senior GRC Consultant to design, implement, and oversee governance, risk, and compliance programs for a major aerospace/manufacturing client. The consultant will conduct risk assessments, lead audits, map controls to frameworks such as NIST, ISO 27001, SOC 2, and COBIT, and drive adoption of ServiceNow GRC tools while advising senior stakeholders.
Top 3 Critical Skills Table
| Skill | Why it's critical | Mastery Level |
|---|---|---|
| GRC Frameworks (NIST, ISO 27001, SOC 2, COBIT) | Provides the baseline for compliance and risk posture across the organization | Senior |
| Risk Assessment & Audit Execution | Directly impacts the ability to identify, quantify, and remediate threats | Senior |
| ServiceNow GRC Tooling | Enables automation, reporting, and continuous monitoring of controls | Senior |
Interview Preparation
- Describe your end‑to‑end process for conducting a NIST‑based risk assessment.
  What the interviewer is looking for: Understanding of NIST categories, asset identification, threat/vulnerability analysis, risk scoring, and remediation planning.
- How have you mapped ISO 27001 controls to a ServiceNow GRC module?
  What the interviewer is looking for: Practical experience with control libraries, data import, workflow configuration, and reporting.
- Walk us through a recent SOC 2 audit you led. What were the biggest challenges and outcomes?
  What the interviewer is looking for: Ability to manage audit scope, evidence collection, gap remediation, and communication with auditors.
- Explain how you would integrate COBIT principles into a manufacturing‑focused compliance program.
  What the interviewer is looking for: Knowledge of COBIT governance processes and how they align with operational risk in industrial environments.
- What strategies do you use to communicate complex GRC findings to non‑technical senior stakeholders?
  What the interviewer is looking for: Clear storytelling, use of visual dashboards, risk‑based prioritization, and actionable recommendations.
Resume Optimization
- GRC Consultant
- Risk Assessment
- NIST Framework
- ISO 27001
- SOC 2
- COBIT
- ServiceNow GRC
- Audit Management
- Stakeholder Communication
- CISA / CRISC / CISSP / CISM certifications
Application Strategy
When reaching out to the recruiter, send a concise email that starts with a friendly greeting, briefly states your interest in the Senior GRC Consultant role, and attaches your updated resume. Highlight your 7+ years of GRC experience, mention specific projects where you led NIST/ISO 27001 assessments or implemented ServiceNow GRC, and explicitly reference the certifications you hold (e.g., CISA, CRISC). End by thanking the recruiter and indicating your availability for a conversation.
Career Roadmap
| Current Role | Typical Experience | Core Focus | Next Position |
|---|---|---|---|
| Senior GRC Consultant | 7‑9 years in GRC, audits, frameworks | Program design, stakeholder advisory | Lead GRC Consultant |
| Lead GRC Consultant | 10‑12 years, multi‑project leadership | Strategy, tool governance, team mentorship | GRC Program Manager |
| GRC Program Manager | 12‑15 years, enterprise‑wide initiatives | Portfolio oversight, budget, cross‑domain alignment | Director of GRC |
| Director of GRC | 15+ years, executive sponsorship | Organizational risk culture, board reporting | VP/Chief Risk Officer |