Security Assessments & Strategy Consultant (full time position)

Location: remote, remote
Date Posted: 03-06-2018
Job Description: 
Assessments vary from standards-based models (e.g., the NIST Cybersecurity Framework) to tailored, intensive cyber defense assessments.  In this position, the candidate will have the opportunity to lead and execute enterprise-wide assessments and strategic projects that typically span the entirety of the client’s technology footprint.  
The ideal candidate will be knowledgeable regarding security standards and technologies, experienced with designing and implementing security controls and solutions, diligent and thorough in generating written work products, and adept at interacting with clients at all levels of the organization.
Required Qualifications:
  • Experience providing cybersecurity consulting services or performing significant roles within enterprise security organizations.
  • Experience performing assessments and/or audits, including the authoring of detailed reports containing findings and recommendations to enhance the organization’s cybersecurity programs.
  • Experience developing strategic roadmaps, including the prioritization of high-value security initiatives and rationalization of investments.
  • Experience working across organizational lines of business to implement enhanced security controls and defensive mitigations.
  • Previous experience developing and delivering briefings to senior and executive leadership teams.
  • Knowledge of prevailing industry standard security control frameworks, including the NIST Cybersecurity Framework, CIS Critical Security Controls, etc.
  • Knowledge of various security program functions including: Cyber Architecture & Engineering, Security Operations, Incident Response, Cyber Threat Intelligence, Threat & Vulnerability Management, Identity & Access Management, Governance, Risk & Compliance, Security Education & Awareness, etc.
  • Knowledge of various network, system, and application security technologies including: SIEM, Firewall, IDS/IPS, Anti-Virus, DLP, Email Security Gateway, Web Proxy, Malware Sandbox, Vulnerability Scanner, EDR, WAF, CASB, etc.
  • Experience leading technical projects and ensuring contractual requirements are delivered with excellence.
  • Strong Microsoft Office skills, including Word, Excel, PowerPoint, OneNote, Visio, and Project.
  • Strong communication (both verbal and written), as well as the capacity to build strong relationships with client executive and technical leadership.
  • Self-motivated, able to work both independently and as part of a team.
  • Bachelor’s Degree in a technology-related field and/or equivalent work experience.
Desired Qualifications:
  • Relevant information security certifications such as CISSP, GCCC, GCIH, GCFE, CISM, CISA, and CEH.
  • Experience providing consulting services to Fortune/Global 1000 clients.
  • Experience designing, organizing, and executing security table top exercises and training workshops.
  • Experience designing and developing processes and procedures to include cyber analyst workflows, run books, playbooks, etc.
  • Experience designing, implementing, and operating enterprise-class solutions for network, server, endpoint, or application security domains.
  • Knowledge of industry-recognized cyber analysis frameworks (Diamond Model, ATT&CK, Kill Chain, NIST Incident Response, etc.).
  • Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
  • Experience with offensive security testing and assessment tools and platforms such as Dradis, Nmap, Nessus, Metasploit, and Kali.
  • Experience working within physical security operations environments and technologies.
  • Experience working with specialized industry cybersecurity standards, including FFIEC CAT, DHS CSET, ISO 27000 series, IEC-62443, DoE C2M2, NERC-CIP, and NRC RG 5.71/NEI 08-09
  • Experience developing proposals and statements of work to support business growth.
  • Experience with business and/or technology change management programs.
  • Master’s Degree in a technology-related field.
Primary Location: Remote/Virtual within Continental US
Travel Requirement: 25-50%
this job portal is powered by CATS