Heartland Business Systems

Information Security Consultant

Heartland Business Systems$80K — $110K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 2+ years in information security or compliance consulting experience
  • 2+ years implementing Cybersecurity Programs
  • 2+ years implementing Compliance and Governance Programs
  • CISSP or equivalent certification required
  • Strong experience with regulatory/compliance frameworks like PCI, HIPAA, SOX
  • Demonstrated ability to communicate IT risks to management
  • Experience in project management and delivering client-focused services

Responsibilities

  • Audit IT systems for compliance with regulatory requirements
  • Recommend improvements to technical and administrative controls
  • Perform risk assessments and suggest mitigation strategies
  • Develop materials to support client implementation of security controls
  • Assist during incident response for security events
  • Achieve a minimum of 1450 billed hours per fiscal year

Benefits

  • Professional development opportunities
  • On-the-job training
  • Collaborative and diverse work environment
  • Engagement with a variety of industries
  • Opportunity to work as a Virtual CISO under experienced mentorship
Full Job Description
Job Type

Full-time

Description

Position Summary:

Heartland's team of Information Security Consultants provide IT risk management, information security, and compliance consulting services to clients in a variety of industries. Consultants routinely perform risk assessments, audit systems for compliance, work with IT and business leaders to identify and properly mitigate risks, recommend improvements for administrative, technical and physical controls, help clarify compliance requirements, and lead incident response activities. The Information Security Consultant may act as vCISO for a client under the supervision of a Senior Consultant or Practice Manager.

Roles and Responsibilities/ Essential Functions:
  • Audit, test, or review IT systems, network or application architecture and business processes for compliance with best practices and/or regulatory requirements.
  • Review and recommend technical, administrative, and physical controls to mitigate identified risk.
  • Perform risk assessments of IT infrastructure and applications and make recommendations for improvements based on the client's stated risk tolerance levels.
  • Develop materials and processes to assist clients with implementing both technical and non-technical controls.
  • Assist with incident response during security events.
  • Minimum of 1450 billed per fiscal year prorated based on start date. These charge hour requirements will be balanced against professional development and on the job training.


Requirements

Competencies:
  • Accountability - Accountability looks at the extent to which an individual is willing to accept responsibility.
  • Active Listening - Active listening looks at the extent to which an individual actively attends to, conveys, and understands the comments and questions of others.
  • Adaptability - Adaptability looks at the extent to which an individual can fit into a changing working environment.
  • Communication - Communication skills look at the extent to which an individual communicates with economy and clarity, actively engaging in conversations in order to clearly understand others' message and intent, and receives and processes feedback.
  • Customer Oriented - Customer orientation implies a desire to serve both external and internal clients by focusing effort on meeting the client's needs, understanding their concerns, and seeking to build trust.
  • Decision Making - Decision making skills look at the ability of the individual to select an effective course of action while controlling resources and expenditures.
  • Initiative: Initiative looks at the ability of the individual to act and take steps to solve or settle an issue.
  • Problem Solving - Problem solving skills looks at the ability of the individual to recognize courses of action which can be taken to handle problems or potential problems, and applying contingency plans to solve those problems.
  • Project Management: Project management skills looks at the ability of the individual to demonstrate an understanding of planning, organizing, staffing, directing, and controlling work tasks.
  • Working Under Pressure - Working under pressure looks at the ability of the individual to maintain composure when exposed to stress.

Required Experience:
  • 2+ years of related experience
  • 2+ years implementing Cybersecurity Programs
  • 2+ years implementing Compliance and Governance Programs

Preferred Experience:
  • 4+ years of IT Systems implementation or management experience
  • 4+ years implementing compliance programs
  • 4+ years in leadership role

Required Skills, Education and/ or Certifications:
  • CISSP or other current industry standard certifications in areas of security expertise
  • Experience as a security consultant, analyst, engineer, system administrator, IT lead, or similar role focused on information security responsibilities
  • Ability to identify and evaluate risk to IT systems and associated business processes and communicate risks to management
  • Demonstrated experience with regulatory/compliance requirements (e.g., PCI, HIPAA/HITRUST, SOX, FISMA), information security frameworks and controls (e.g., NIST, ISO, CIS)
  • Demonstrated experience reviewing and recommending appropriate technical, administrative, and physical controls
  • Demonstrated experience selecting and implementing appropriate risk mitigation strategies to ensure IT systems remain within established risk tolerance levels
  • Ability to develop policies, standards and baseline configurations
  • Strong attention to detail and ability to document findings and convey information
  • Ability to manage project deliverables and deadlines
  • Ability to provide superior customer service via phone and email
  • Strong listening and presentation skills
  • Ability to clearly communicate with co-workers, management, clients, and vendors

Preferred Skills, Education and/ or Certifications:
  • Healthcare compliance, privacy, or security certification
  • Certified Information Systems Security Professional (CISSP) or equivalent
  • Certified Information Systems Auditor (CISA) or equivalent (CISM)
  • Certified in Risk and Information Systems Control (CRISC) or equivalent

#HBS

About Heartland Business Systems

Heartland Business Systems is an information technology services company that provides a range of services, including network design and implementation, cloud computing, and cybersecurity. The company works with a variety of clients, including small businesses, government agencies, and educational institutions. Heartland Business Systems is headquartered in Chippewa Falls, Wisconsin and has additional offices in Minnesota and Illinois. The company was founded in 2002 and has since grown to become a leading provider of IT services in the Midwest.
Learn more about Heartland Business Systems
Size
200 employees
Industry
Founded
2002

Similar Jobs

More Jobs at Heartland Business Systems

More Information Technology Jobs

Find similar Information Security Consultant jobs: