Founded by David and Catherine Gravel in 1994, GraVoc Associates, Inc. is a family-owned and operated consulting firm located in Peabody, Massachusetts. Since its inception, GraVoc has been committed to solving business problems for customers through the development, implementation, and support of technology-based solutions, including: software development – analysis, design, customization, and implementation of software applications; network infrastructure – LAN/WAN design, implementation and support services; security – risk management consulting, regulatory compliance, and IT assurance testing; web and media – web development, media production, and digital marketing. As a result, we are able to provide our customers with a single point of access to a comprehensive menu of services that meet all of their business process management needs.
As previously indicated, GraVoc is family-owned and operated—a dynamic that extends to include all of our employees. First and foremost, we are dedicated to the health, wellness, and prosperity of our employees and their families. Furthermore, we are committed to providing a fun, challenging, and rewarding work experience through which our employees and their families can thrive. While we, as a company, always aspire to grow and succeed, we do not let these objectives diminish our dedication to one another or to our customers.
Position Available: Information Security Consultant
We are seeking a dedicated individual with one (1) or more years of experience in IT, information security and/or regulatory compliance consulting within the financial services industry. Candidates should have a Bachelor of Arts or Bachelor of Science degree in Information Technology, Computer Science, Cybersecurity, Information Security, or a related discipline. Additionally, candidates will need strong communication skills (both written and verbal), and knowledge of information security-related regulations (GLBA, HIPAA, 201 CMR 17.00) and standards (NIST, SANS, etc.).
Candidates will be responsible for performing the following:
- Risk assessments
- Compliance Gap Assessments
- IT Audit
- Policy and Procedure Development
- Disaster Recovery and Business Continuity Planning, Testing, and Training
- Employee Security Awareness Training
Successful candidates will be prepared to travel to customer sites throughout New England. Professional certifications for information security management (e.g. CISM), information systems auditing (e.g. CISA), or similar qualifications are preferred but not required.