Senior Cybersecurity Consultant

Description

Socium Security is looking for a Senior Consultant to apply fundamental knowledge of technology, security, data protection, and business continuity to assist our customers in transforming their current IT, risk, and business capabilities. Senior Consultants at Socium Security lead the delivery of customized solutions to our customers' most difficult security program challenges. They also contribute to the conception and development of our customized security services products in a variety of security fields, including cybersecurity and data protection. Successful candidates will be able to work independently and supervise, if not direct, junior practitioners on deliverables and work deliverables. Most importantly, because we recognize that our team members are our most precious resource, our Senior Consultants are also expected to mentor, encourage, and develop our junior practitioners.

Responsibilities

• Drive the development of all deliverables, work products, and business collateral. Oversee junior professionals and their assistance in these tasks to ensure that services and deliverables are of excellent quality.
• Support the development, creation, and delivery of unique technical and programmatic security solutions.
• Assist in the development and transformation of security programs, as well as the implementation of data protection requirements.
• Assist clients with analyses, requirements gathering, technical solution design, deployment, and ongoing services.
• Maintain a client portfolio and the ability to project manage multiple engagements simultaneously
• Demonstrate a working knowledge of software development and cloud security principles.
• Utilize industry-accepted frameworks to conduct a current-state, risk, and controls examination of existing organizations – compliance, processes, and technology – while building implementation plans and roadmaps to drive solution delivery.
• Develop governance models, policies, processes, standards, and other documentation that are aligned with corporate goals and industry best practices (NIST, ISO, CIS, PCI, SOC2, HITRUST).
• Evaluate a client's capacity to defend against attacks, detect active threats, and respond to and recover from incidents.
• Promote thought leadership in cybersecurity domains and new technologies through activities such as blogs, white papers, industry events, and contributions to the Center of Excellence.
• Assess audit readiness, identify risks, and identify weaknesses and threats.
• Foster a collaborative and inclusive work atmosphere.
• Assist and mentor junior professionals.

Requirements

• A bachelor's degree in a relevant discipline, or similar experience, is preferred.
• Experience with a consulting practice is strongly desired.
• Strong written and oral communications skills
• 4-7 years of Cybersecurity, Information Security, and/or Tech Consulting experience
• Strong knowledge in risk & compliance, privacy, strategy & operations, incident response, vulnerability management, cloud security, application security, and other common cybersecurity domains
• Understanding of high-level application, database, and network security principles for risk identification, qualification, mitigation, and analysis
• Confident at communicating complicated cybersecurity ideas to both technical and non-technical audiences.
• Communication abilities that are strong in terms of organization, verbal, presentation/facilitation, and writing
• Willingness to travel for out-of-town client meetings – if COVID-19 permits

Other Desired Skills

• Familiarity with data protection, data privacy and data removal standards (NIST 800-88, GDPR, CCPA/RA, other emerging legislation)
• The desire and ability to communicate with business and technology teams at all levels of the company 
• Experience conducting security audits, developing mitigation measures, and driving operational improvements
• Strong written and oral communication skills, as well as the desire and ability to communicate with business and engineering teams at all levels of the company, are necessary.
• Knowledge of information technology and products, as well as cloud computing environments
• Ability to work collaboratively with engineering and business teams to establish credibility and confidence while ensuring alignment around a single approach.
• Demonstrated capacity to make quick, intelligent, and justified decisions in the face of ambiguity
• Certifications such as CISSP, CCSP, CEH, CISA, CRISA, and others are available.