Information Security Consultant

Information Security Consultant

Vacancy expired!

The main responsibility of the Information Security Consultant role is to deliver services on behalf of the Security Consulting Delivery team by providing support and solutions for our clients customers. The Information Security Consultant will work as part of the Security Consulting team to provide security consulting for managed services and professional services related solutions. This will also include support on complex and strategic customer accounts and projects. Information Security Consultant will provide leadership assistance and Solution Architecture services in a pre-sale’s capacity. Information Security Consultant will also work in a supporting role and assist the with customer escalations. This may include security and non-security related services.

• Deliver security consulting engagements for customers following standard methodologies.
• Perform vulnerability and penetration testing across on-premises and cloud resources.
• Perform application vulnerability and penetration testing across tradition and cloud resources.
• Assist pre-sales client engagement opportunity initiatives, including the scoping, and creation of client engagement proposals.
• Assist with the development, delivery, and operational support of managed services and managed security services.
• Assess and investigate customer security programs and environments.
• Consult during customer engagements to evaluation the processes, controls, and associated risks with respect to information security.
• Develop customer security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.
• Architect and design of security solutions for client environments.
• Develop information security plans and policies, customized to client requirements and risk profile.
• Advise customers on the implications of data privacy matters from a security perspective.
• Consult with customer and provide recommendations on IT solutions to help clients manage information security risk.
• Develop incident response plans, procedures, and advise customers on steps to achieve incident response readiness (logging and monitoring configurations, triage and escalation procedures, wider stakeholder liaison, etc.)
• Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow, and access control models.
• Document results of security risk analyses and formally present to clients.
• Formulate executive level recommendations related to information security strategy.
• Understand current regulatory environment and related implications to security management compliance.
• Provide oversight and leadership for other team members during client engagement execution, ensuring timely progress, achievement of objectives, and delivery quality.
• Enhances team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
• Track emerging security practices and contribute to building internal processes.
• Continue to develop security skills and certifications necessary for the Information Security Consultant role.

• 6+ years in progressively sophisticated roles in information security consulting, coupled with demonstrable experience in various Cybersecurity domains, including risk management, compliance, security strategy, security architecture, security Consulting, and security operations.
• Cloud security expert experience required in AWS, Azure, and Microsoft 365 platforms. Cloud security certification required or within 6 months of hire.
• Experience in running an Incident Response plan during an incident.
• Experience and background in security operations related to SIEM, SOC, EDR, and MDR platforms.
• 4 Year College degree desired, Master’s Degree in related field is a plus.
• Consulting experience with a mid to large size enterprise customers.
• The position requires a strong, diverse technical background and exceptional oral and written communications skills.
• The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues.
• This position requires handling multiple engagements with overlapping deadlines. A demonstrated ability to write clear, coherent, and precise reports on a multiplicity of complex technical issues is essential.
• A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.
• Information Security Consultant must have relevant security certifications, for example (CISSP, CISA, CISM, GIAC, OSCP, CEH, CNDA, Security+, CCNA, CCNP)
• Thorough understanding of Information Technology and technical expertise within other technology areas, cloud, datacenter, network, virtualization, and operating systems
• High-level technical skills supporting IT related projects and customers.
• Experience in process and methodology development including ability to recognize areas for internal improvement and make recommendations for improvement.
• Experience in building efficiency within teams and building team culture.
• Travel is required.

• In depth system knowledge in security related tools necessary for assessments and testing.
• Active CISSP and OSCP or comparable certification are required.
• Subject matter expert in Microsoft Azure and Microsoft 365 security.
• Must be able to work in an extremely fast-paced environment.
• Ability to meet the daily expectations of the team.
• Ability to multi-task and reprioritize as required by demands.
• Experience communicating across all levels of an organization with demonstrated experience communicating at an executive level.
• Excellent written and verbal communication skills.
• Must be detail oriented, well organized, and able to keep others organized.
• Must have the management skills necessary to help drive change and compliance across an organization.
• Must possess or be able to quickly gain a thorough understanding of Our client’s service offerings, technical capabilities, and technical direction.
• Demonstrated ability to address and resolve escalations.
• Demonstrated ability to identify and mitigate risk across projects.

• This position is based out of the Kittery, ME office. Required travel is expected to be no more than 50%, with the majority being local day trips that do not require overnight stays.