About the Company:
FTI Consulting, Inc. is a global business advisory firm dedicated to helping organizations protect and enhance enterprise value in an increasingly complex legal, regulatory and economic environment. With more than 4,400 employees located in 26 countries, FTI Consulting professionals work closely with clients to anticipate, illuminate and overcome complex business challenges in areas such as investigations, litigation, mergers and acquisitions, regulatory issues, reputation management, strategic communications and restructuring. Our professionals are some of the most experienced leaders in their fields including: certified turnaround professionals, forensic accountants, corporate investigation specialists, intellectual property specialists, former political leaders, former chief executives, Nobel Laureate economists, banking and securities professionals, certified public accountants, e-discovery professionals, corporate, financial and crisis communications specialists, chartered financial analysts and industry experts. Since our founding in 1982, clients have turned to us for high-stakes issues that require specialized expertise. FTI Consulting was engaged to work on some of the biggest news stories of the last two decades including the Bernie Madoff investment securities scandal, the Stanford Financial Group investigation, the 2010 Gulf oil spill crisis, the Major League Baseball steroid investigation, and high profile corporate restructurings including Lehman Brothers, General Motors and CIT, just to name a few.
FTI Consulting continually strives to offer employees and eligible dependents, including domestic partners and eligible domestic partner children, a competitive and comprehensive benefits package. Please click here for more information.
FTI Consulting does not accept unsolicited resumes from external firms or agencies. FTI Consulting will not be responsible for placement fees associated with unsolicited resumes.
FTI Consulting is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law, ordinance, or regulation.
FTI Consulting’s Corporate functions provide support to our client service professionals so they are able meet and exceed the needs of our clients. Professionals within our Marketing and Communications, Information Technology, Finance and Accounting, Human Resources, Office Infrastructure, Legal, and Real Estate teams are dedicated to working together and delivering world class support across our global community.
ABOUT THE OPPORTUNITY:
Project Manager, Privacy & Third-Party Risk Management in the Corporate Information Technology Group - Enterprise Information Security and Privacy Division (EISP). This position is responsible for managing the Information Security and Privacy Third-Party Risk Management Program, serving as the primary point of contact for security assessments involving our clients and vendors/potential vendors. The Project Manager will also be responsible for the day-to-day operations leadership of the Data Privacy Program compliance, helping ensure alignment and compliance with internal policies and applicable Privacy regulations.
- Manage the overall capabilities and operating framework of the Third-Party Risk Management Program (structure, people, and project delivery processes), articulating the service delivery process, and managing the measurement metrics.
- Provide oversight and act as player/coach within the security/privacy compliance function.
- Liaison and act as primary point of contact role for client assessments with the zeal and professionalism expected of a customer facing role
- Plan and report of team activities using project/portfolio management methodology
- Provides training, instruction and guidance to other staff members as necessary.
- Participate in or provide consultation to special projects or various FTI organizations upon request or assignment, providing consultation on specific projects on a short-term basis, and assisting in the resolution of problems identified. The scope extends to corporate and business segments with FTI leveraging technology.
- Execute the Data Privacy compliance program by working with data owners for registration/catalogue of sensitive information within the environment to ensure that applicable internal privacy controls are followed
- Develop strategic relationships with vendors and technology suppliers to ensure efficient risk monitoring and /or response.
- Understand and keep abreast of emerging technologies and how they affect the business.
- Daily time entry to record billable and non billable time
- Take on responsibilities as a backup or alternate for other IT staff
- Periodic travel (limited) as necessary (possibly with short notice).
- 7+ years overall IT and/or Information Security experience
- 5+ years experience in IT audit/Security Assessment/Certification and Accreditation and planning; as well security/data privacy risk assessment.
- Proven experience in Information Security Third-Party Risk Management and/or compliance
- Strong understanding of information security principles, architecture and methodologies (including risk assessment)
- Experience with HIPAA/HITECH compliance
- Knowledge of ISO 27001/27002, COSO, and HITRUST CSF security and privacy compliance frameworks
- Solid understanding of IT audit methodologies (especially Sarbanes-Oxley)
- Knowledge of COBIT, ITIL, PMBOK, BCBOK and other IT governance frameworks
- Excellent written and verbal communication skills
- A Positive Leader
- Highly Organized and Self-Motivated, with Strong attention to detail
- Flexible, Autonomous or Team player - i.e. able to work independently with little guidance, or as a team contributor in a fast-paced, deadline-driven environment
- Excellent written and verbal communication skills
- Highly Adaptable to changing priorities (high flexibility)
- Possesses and evidences comprehensive knowledge of all information systems technology disciplines, with a high level of technical/functional expertise and knowledge.
- Must have a solid understanding of information technology, information security and IT risk management
- Must be an intelligent, articulate and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff. Ability to effectively communicate and coordinate with senior business management and peers.
- Possesses solid understanding of regulatory compliance concerning Information Assets and Security/Privacy, and must have strong working knowledge of pertinent laws and the law enforcement community.
- Strong business and technical process design and documentation skills;
- Industry expertise of Information Security and Data Privacy best practices, standards, and technology.
- Experience in developing IT policies and procedures.
- Project Management Experience.
- Bachelor's Degree in Business, Management Information Systems or related field preferred; graduate degree a plus.
- Professional designations preferred: CISSP, CRISC and CTPRP; others: PMP, CISM, CIA, CISA, HCISPP a plus. (Note: Must be able to complete CTPRP certification)
POSITION CLASSIFICATION: Exempt