×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Business Analyst IT Consultant Information Security

Senior Consultant - IT Governance, Risk & Compliance; GRC

Job in Ashburn, Loudoun County, Virginia, 22011, USA
Listing for: Infinitive Inc
Full Time position
Listed on 2026-05-14
Job specializations:
  • IT/Tech
    Cybersecurity, IT Business Analyst, IT Consultant, Information Security
Salary/Wage Range or Industry Benchmark: 90000 - 120000 USD Yearly USD 90000.00 120000.00 YEAR
Job Description & How to Apply Below
Position: Senior Consultant - IT Governance, Risk & Compliance (GRC)

Senior Consultant – IT Governance, Risk & Compliance (GRC)

ABOUT INFINITIVE

Infinitive is a data and AI consultancy that enables its clients to modernize and operationalize their data to create lasting and substantial value. We bring deep industry and technology expertise to drive and sustain adoption of new capabilities, matching our people and personalities to our clients' culture while delivering the right mix of talent and skills to enable measurable value.

Infinitive has been named Best Small Firms to Work For by Consulting Magazine 8 times, most recently in 2025, and has also been recognized as a Washington Post Top Workplace, Washington Business Journal Best Places to Work, and Virginia Business Best Places to Work.

POSITION OVERVIEW

The Senior Consultant – IT GRC is a key contributing team member within Infinitive's Transformation Practice. In this role, you will apply your expertise in IT governance, risk management, and compliance to drive successful client engagements from initiation through delivery. You will serve as a primary liaison between client stakeholders and internal teams, translating complex regulatory and risk requirements into actionable frameworks and project plans while ensuring delivery quality, schedule adherence, and measurable client value.

ROLES

& RESPONSIBILITIES GRC Program Delivery
  • Lead or co-lead the design, implementation, and assessment of IT GRC programs including risk management frameworks, control libraries, and compliance roadmaps
  • Conduct risk assessments, control gap analyses, and maturity evaluations aligned to industry frameworks (NIST CSF, ISO 27001, SOC 2, COBIT, CMMC, FedRAMP)
  • Develop and maintain GRC deliverables including policies, standards, control matrices, risk registers, and audit evidence packages
  • Support clients in remediating audit findings and implementing sustainable controls to reduce residual risk
  • Track project progress against milestones, flag risks to leadership, and take ownership of assigned components with accountability for on-time, high-quality delivery
  • Maintain 90%+ billability in support of Infinitive's organizational strategy and personal bonus eligibility
Compliance & Regulatory Analysis
  • Perform regulatory and compliance gap assessments across frameworks such as HIPAA, PCI-DSS, SOX, GDPR, CCPA, FISMA, and sector-specific requirements
  • Act as primary author of—or provide substantial input to—client-facing deliverables including compliance roadmaps, risk treatment plans, audit readiness reports, and remediation trackers
  • Map overlapping control requirements across multiple frameworks to streamline compliance efforts and reduce duplication
  • Use data to understand the scope of client risk exposures, generate insights, and develop recommended solutions in collaboration with project leadership
IT Risk Management
  • Facilitate risk identification and prioritization workshops with client stakeholders across IT, security, legal, and business functions
  • Develop and maintain risk registers, risk heat maps, and third-party/vendor risk assessment programs
  • Support the integration of GRC tooling (e.g., Service Now GRC, Archer, One Trust, Vanta) to automate risk and compliance workflows
  • Demonstrate a clear understanding of project goals and client ROI; proactively surface potential needs, pain points, and risk exposures to leadership
Client Relationship Management
  • Maintain professional, responsive, and constructive client relationships with the goal of becoming a trusted GRC advisor
  • Present findings and deliverables to client stakeholders including CISOs, CIOs, compliance officers, and audit committees
  • Communicate clearly and with discretion across internal and external audiences, including senior executive and regulatory stakeholders
  • Identify new opportunities through client interactions and raise them to Infinitive leadership to support sales activities
Team & Organizational Contribution
  • Collaborate cross-functionally with Infinitive and client teams including cybersecurity, data, and cloud engineering practices
  • Actively learn adjacent skill sets and engage with fellow team members to build broad consulting capabilities
  • Participate actively in Infinitive's cultural…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search