We are seeking a top-notch Cybersecurity Advisory Analyst, to be based in Texas or a Midwestern state, for our client, a cybersecurity company that provides rapid, robust, and reliable security services including identity management, security monitoring, security testing and assessments, managed detection and response, incident response, talent development and executive support.
In this role, you will report to the Managing Director of the CISO Advisory team, providing consulting services for clients by conducting assessment work and analysis of client information security programs and cybersecurity operations. You will provide advisory consultation supporting client technology teams, CIOs, CISOs and executive leaders to meet their regulatory requirements, manage technology and cybersecurity risk, and plan strategically for improving cybersecurity posture. You will work independently and within a team construct, advising clients through consulting engagements, assessment services, and implementation/mitigation projects.
In this role, you will work remotely, based in Texas or a Midwestern state. The role requires approximately 50-75% travel to client locations.
_____________________________________________________________________________________________
--In this role, you will:
* Conduct assessments of client organization capabilities
* Develop gap analysis to compliance requirements
* Construct client deliverables including reports, briefing presentations and recommendations
* Work with clients to mitigate cybersecurity risks and implement security program functions
* Conduct research to identify appropriate solutions and recommendations
* Participate in the development of incident response exercises and facilitate exercises for clients in table-top or expanded exercise formats
* Work within existing service delivery frameworks and help to develop service delivery
--Your background:
* Able to communicate effectively through writing, speaking, and presenting to groups and key client stakeholders
* Team player capable of productively contributing to the company mission by supporting fellow teammates and clients in a dynamic, growing and changing environment
* Knowledgeable of network and security architecture principles, firewall and IDS/IPS fundamentals, endpoint security systems and other security protective/detective systems
* Experience with IT system and/or network administration
* Knowledgeable of cybersecurity operations and essential security program functions that include event monitoring and SIEM technologies, vulnerability scanning and management, access controls and authentication measures
* Capable of connecting threat analysis to risk management principles to formulate priorities and provide business level risk decision support
* Capable of working independently, establishing and managing task completion within deadlines that are responsive to client needs
* Knowledgeable of information security frameworks including NIST Cybersecurity Framework, NIST Special Publications (i.e., 800-30, 800-37, 800-53, 800-171), ISO 27001/2, as well as regulatory/compliance mandates such as HIPAA, PCI-DSS, GLBA, FFIEC guidelines and others
* Possess or have completed testing for an industry-leading certification including CISSP, CISA, CISM, GIAC or other recognized credential
* Computer Science or related 4-year degree
* 5+ years in the Cybersecurity industry in operator, developer or risk assessment roles
* 2+ years in an Information Assurance or Cybersecurity Risk Assessment role
--Even better if you have:
* Experience conducting risk assessment work or IT auditing of compliance requirements or framework gap analysis
* Experience with penetration testing, application security testing
* Experience quickly learning, independently reaching stretch goals, and continually improving knowledge and capabilities
* Experience taking on complex and difficult problems, formulating a path forward, and executing steps that demonstrate meaningful progress