The Security Consultant is responsible for performing IT audits, general risk assessments and third-party risk assessments.
Is able to create/improve security awareness training and develop/improve policy life-cycle management.
Contribute to the development and the growth of our Cyber & Network Security Professional Services through a participation in events in this field, in the development of business and in the development of our capabilities and solutions.
Serve as a Subject Matter Advisor within Cyber & Network Security Services providing thought leadership, insights, and helping to develop Cyber & Network Security Services
Contribute to delivery of Security Professional Services engagements
Execute security services engagements, within the Security Business, which may require contributing subject matter expertise management and collaborating with resources across the company.
Execute consulting engagements, assessments, and proofs of concepts to contribute relevant subject matter and Cyber & Network Security Services industry insights.
Monitor changes or advancements in Cyber & Network Security Services and security technologies to explore new ways can extend competitive advantage and drive growth.
Contribute to analysis of the costs, the value and the risks of new systems and technology, and provide sound, cost-effective recommendations to the managers to create, manage and augment Professional Security Services portfolio
Contribute to pre-sales consulting engagements requiring Cyber Security and Network Security expertise to assist with scoping, architecture suggestions as well as high level costing exercises.
Qualifications:
Security consultant with a policy life-cycle management background
Application & Security risk management and information security best practices
3+ years of IT auditing (e.g., SOX, PCI-DSS, HIPAA, NIST 800-53, etc.) and Risk Assessments and Remediation
Proficiency with Governance, Security, Compliance and Risk methodologies and best practice
Third Party Risk Management expertise and experience in carrying out Third Party Assessments
Third Party Residual Risk evaluation
Capability to create efficiencies through automation and improved practice.
Experience in implementing cyber security solutions in large enterprises or government agencies.
Experience in various functions of the Enterprise receiving cybersecurity services, which may also involve technology partners.
Ability to collaborate within a decentralized organization.
Experience working in collaborative environments and high-performance teams.