Senior Cyber Security Consultant
CISOSHARE is growing and searching for an experienced senior cyber security consultant to support client projects in a growing and diverse client portfolio. CISOSHARE is the leader in Cyber Security Program Development, headquartered in Orange County, California. Our team has over fifteen years of experience in this niche cyber security field, which has become one of the most in-demand cyber security services requested across major global and emerging businesses.
WHO WE ARE LOOKING FOR:
An accomplished cyber security professional with a distinguished background in Security Program development as a practitioner who has also demonstrated tangible success in developing and securing new business opportunities. The Senior Consultant combines strategy with technical knowledge and applies practical cybersecurity experience to deliver meaningful solutions that address the strategic needs of clients and effectively communicate a shared vision by acting as the subject matter expert in Security Program Development across multiple customers.
The Senior Consultant provides a consultative approach by leveraging their experience from delivering and overseeing complex engagements in Security Program Development to effectively develop and articulate solutions to customers, and present them in well-constructed deliverables that comprehensively and clearly solve client problems.
The Senior Consultant will be responsible for developing cyber security programs to implement best practices and help secure clients’ information and IT environments. Support clients’ Chief Information Security Officers (CISOs) in the development and execution of risk management, vulnerability management, and incident management programs – policies, standards, processes and performance of tasks. Develop and maintain the cyber security program communication framework, processes, and content to support key business stakeholders – Chief Executive Officers (CEOs), Chief Information Officers (CIOs), Chief Technology Officers (CTOs), Legal Counsel, and other key management.
RESPONSIBILITIES AND DUTIES:
- Lead projects to develop best practice policy and processes in security risk, vulnerability, and incident management
- Lead other security policy and process development projects to align clients with best practice frameworks
- Lead security program governance and communication framework projects
- Lead the design and preparation of security program dashboard metrics and reports
- Translate business requirements into technical and programmatic security requirements
- Communicate status of remediation tasks to the security program, compliance, and business management
- Lead executive security program review meetings
- Support business compliance with risk, audit, regulatory, and legal requirements
- Collaborate with CISOSHARE and client security architecture resources to implement and maintain a mature suite of preventive and detective safeguards
- Develop project management plans, work breakdown structures, and status reporting for deliverable tracking to clients
- Review deliverables for content and formatting.
- Travel up to 20%
- Perform other duties as assigned
QUALIFICATIONS AND SKILLS – EDUCATION, EXPERIENCE, AND TRAINING:
- Verbal communication extraordinaire – patient, know how to work with personalities, concisely articulate tough concepts
- Swift with a keyboard – strong “written” communicator with attention to detail, competent business writer, drive a point and not offend.
- Collaborator – able to work within CISOSHARE but able to step into any environment and figure out how to make progress.
- Professor – you’re able to teach clients or coworkers concepts that are not native. You are able to translate security concepts to the layman.
- A Pro – a minimum of seven years of established professional work experience
- Technically advanced – five years of work experience in a security or information technology role – helpdesk, engineering, architecture, GRC, IAM, vulnerability management, incident management, networking, etc.
- Knowledge of Active Directory, System Hardening, Concept of Least Privilege, network segmentation, and other relevant supporting knowledge
- Three years of cyber security consulting experience
- Experience with best practice and compliance requirements and standards – NIST 800-53, ISO 27001/2, PCI-DSS, HIPAA, SOC2, GDPR
- Culturally aware and adaptive customer service approach
- CISM, CISA, CISSP, Security+, CRISC, CGEIT, or other relevant certifications
- Bachelor’s degree, preferably Information Systems Management, Computer Science, Criminal Justice or related fields or equivalent
- Experience implementing or operating governance risk and compliance, vulnerability management, or incident management tools
CERTIFICATES, LICENSES, REGISTRATIONS:
- Must have a valid state driver’s license with a good driving record.
- Microsoft Office/Office 365
- Word processing software (Microsoft Word)
- Spreadsheet software (Microsoft Excel)
- Design software (Visio)
- Advanced in chat applications, online meetings, and collaboration tools
- Lots of growth opportunity
- Work in an emerging career field
- Experience a small company culture while supporting a global client portfolio