This role will be part of a cross-functional Proactive Security Services team that manages, executes, and delivers various Security Advisory engagements for our clients.
The responsibilities of this position include but are not limited to the following:
- Build and lead teams of consultants in performing cybersecurity consulting engagements.
- Manage and lead delivery of various client engagements, ensuring engagement
- Assist with various practice development and client engagement pursuit initiatives, including the development of client engagement proposals.
- Assess and investigate client IT security programs and environments via interviews and technical information analyses.
- Understand existing client processes and controls and associated risks with respect to electronic and non-electronic information security.
- Develop client security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.
- Architect and design of security solutions (SIEM, IDS, etc.) for client environments.
- Develop Information Security Plans and Policies, customized to client requirements and risk profile.
- Develop incident response plans and procedures, and advise clients on steps to achieve incident response readiness (logging and monitoring configurations, triage and escalation procedures, wider stakeholder liaison, etc.)
- Advise clients on the implications of GDPR and other data privacy matters from a security perspective.
- Provide recommendations on IT solutions to help clients manage information securityrisk.
- Assess IT network and securityarchitectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models.
- Document results of securityrisk analyses and formally present to clients.
- Formulate executive level recommendations related to Information Security strategy.
- Understand current regulatory environment and related implications to security management compliance.
- Enhances team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
- Track emerging security practices and contribute to building internal processes.
- Assist with resource management and staffing for the practice.
- The ideal candidate would have 7+ years in progressively sophisticated roles in information security consulting coupled with demonstrable experience in various Cybersecurity domains, including risk management, compliance, security strategy, securityengineering, and/ or operations.
- The position requires a strong, diverse technical background and truly exceptional oral and written communications skills.
- The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues.
- This position requires handling multiple engagements with overlapping deadlines. A demonstrated ability to write clear, coherent and precise reports on a multiplicity of complex technical issues is essential.
- A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.
- The ability to travel is required.
- Security certifications (CISSP, CISA, CISM, GIAC, OSCP) a plus.