We currently are seeking a highly motivated Senior Consultant to support client engagement teams, work with a wide variety of clients to deliver professional services, and participate in business development activities on strategic and global priority accounts.
· 5+ years of experience in Information Security; Consulting experience preferred
* Must come from a technical background as a former Network Engineer or Systems Administrator
· Experience working in client facing positions managing and performing on time delivery of projects
· Experience with implementing and maintaining compliance around various governance platforms, such as HIPAA, NIST, COBIT, PCI, ISO 2700X, GDPR, etc.
· Experience discussing and making recommendations to customers around information security architecture, governance, and strategic planning
· Experience creating client facing reports geared toward a non-technical audience
· Experience in various areas of IT and Information Security such as DFIR, Pentesting, Networking, Desktop and Server Administration, Development, etc.
· Experience with security tools such as IDS/IPS, SEIM, Endpoint Security, MDM, Vulnerability Scanners, etc.
· CISO or vCISO experience a big plus
Duties and Responsibilities
· Conduct gap assessments to assess compliance with regulatory, statutory, and governance frameworks
· Analyze client information security systems and business practices to identify risks and propose strategies to mitigate unacceptable risks
· Serve as subject matter expert in the area of applicable information protection, control, and privacy standards, laws, regulations
· Prepare detailed deliverables analyzing various identified risks and assessing their impact on client business practices
· Design and implement security programs designed to identify, monitor, and mitigate risks, including creating metrics, governance policy, and implementing operational controls
· Know relevant issues and considerations in implementing security programs, controls, processes and practices
· Recommend, design, and create Information Security policies, standards and guidelines for clients
· Maintain strong relationships with and communicate security concerns to clients.
· Provide Pre-sales consulting and recommendations to clients as part of the sales process
· Assist sales staff in qualifying leads and generating proposals
· Perform other duties as assigned
Knowledge and Abilities
· Strong understanding of Information Security and consulting experience, as well as critical thinking and excellent writing skills.
· Process oriented and a person with strong analytical skills
· Excellent communication and presentation skills with technical and non-technical team members and end-users
· Must be motivated and able to take ownership of tasks through completion
· Strong customer service skills, including empathetic listening skills
· Teamwork skills to maintain strong working relationships within and outside IT in order to develop a results-oriented work environment
· Excellent follow-up skills to see tasks through to resolution
· Excellent organizational skills, prioritizing and managing multiple tasks
· Ability to share knowledge, share work plans, teach, learn, and manage conflict
· Ability to work independently
· SME on at least one governance framework (ISO 2700X, COBIT, NIST, HIPAA, PCI, etc.)
· Strong knowledge of various technical security controls
· Willing to travel up to 25%
Education and Training
· High School Diploma required; Bachelor’s Degree in Information Security, Computer Science or related field, preferred
· Technical IT and Information Security Certifications Preferred
· CISSP, CISM, CISA, or equivalent preferred