SPECIFIC JOB SUMMARY DESCRIPTION
As an Information Security Consultant, you will deliver cybersecurity risk and compliance support to the Information Security team in support of projects that will deliver increased cybersecurity maturity and reduce overall risk. You will be assigned to projects and dotted line into functional managers to assist them in delivering cybersecurity projects. These projects align with the NIST cybersecurity framework and support the overall mission, vision, and objectives of the Chief Information Security Officer (CISO).
We are hiring in any of the following cybersecurity competencies:
- Information Security Strategy & Architecture – application of the NIST cybersecurity framework, security architecture, secure SDLC, security tool engineering & design, hardening of systems and applications, etc.
- Governance – policy development & management, policy exceptions
- Risk - risk assessments, risk remediation plans, third party risk, securing the supply chain
- Awareness & Training – security training & awareness activities, graphic artist, technical writing
- Offensive Security – penetration testing, vulnerability assessments & management
- Investigations – security incident response, digital forensics, investigations
- Threat Engineering – threat intelligence, security incident response, reverse engineering of malware
- Security Operations Center – Level 2 incident analysts, asset management, Splunk management
- Security Project Management – project and program management
The consultant will be responsible for providing the technical and scope direction, in coordination with all other Information Security management, for Information Security programs and projects.
The consultant is expected to work autonomously and collaboratively with other Information Security managers and associates.
The Consultant constantly and consistently demonstrates innovation and ability to challenge the status quo.
- Project Deliverables – Performs tasks to complete project deliverables.
- Problem Solving - The consultant must be able to dissect a problem, engage with the right resources, and methodically solve problems. The consultant must be able to document and explain the root cause to problems and make recommendations on how to resolve the issue or problem.
- Technology & Trends - The consultant is responsible for staying current on Information Security technologies and trends.
- Risk-Based Decisioning – The consultant is able to make risk-based decisions.
- Best Practices - The consultant is an expert in information security processes and best practices.
- Training & Mentoring – The consultant is a technical mentor and provides coaching to other security associates.
- Process Development – The consultant must be able to develop, document, and implement complex business processes across multiple teams and domains.
- Business Acumen – Must be able to demonstrate an ability to harmonize information security initiatives, processes, tools with business requirements, strategies, and budget.
- Security Incident Response – The consultant is responsible for assisting the SIRT commander by reviewing and consult on investigation, containment, remediation, and recommendations during a high-severity security incident.
Skills & Experience
- 8+ years of information security experience.
- At least 5 years of position specific experience.
- Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness.
- Deep understanding of risk, business acumen, and ROI.
Job Qualifications and Educational Requirements
• Provide three current work references & pass a criminal background check
• Pass a proficiency exam related to the role