Principal Security Consultant, Cyber at Presidio in Albuquerque, NM

Description

COME BUILD YOUR FUTURE WITH PRESIDIO! We know technology is the key to success in a connected world. The innovative solutions we provide our clients can unlock possibilities that transform their business. While technology permits that connection, technology without imagination and ingenuity cannot be effective. At Presidio, we know that it's our people that make the connections happen.

WHY YOU SHOULD JOIN US? You will set your career on track for outstanding achievement with a company that knows no limits. Presidio is a leading IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

THE ROLE: Principal Security Consultant

Presidio is seeking a Principal Security Consultant to join our team in a remote capacity. Reporting to the Director of Security Governance, a Principal Security Governance Consultant is expected to have a deep level of expertise and vast knowledge base in core information security governance, risk, compliance, and private domains. It is critical that a Principal Security Governance Consultant be able to present complex solutions and topics in a concise manner. The consultant must be comfortable blending multiple service offerings and deliverables into a single aggregate final risk report/deliverable and executive presentation for audiences of all levels and skillsets. This is a customer-facing role. You will be required to travel to client locations to deliver professional services when needed.

Key Responsibilities:
  • Lead customer engagements and project execution providing information security consultation and assessment services, helping our clients meet their compliance obligations by evaluating their business, technology, and operations against industry security standards.
  • Educate, mentor, advise, and share your expertise with clients and colleagues to aid in making decisions on topics like strategy and scope as well as deep and highly technical projects like vCISO services or ISO 27001 program development.
  • Provide clear, organized findings and recommendations to clients and track progress towards resolution and compliance.
  • Consult/advise with C-level Security Leaders (CISO, CSO, CIO, etc.) and the Board of Directors with our most valued and strategic customers.
  • Develop strategic, operational, and tactical recommendations tailored to each customer with the intent to improve a customer's security posture and compliance position.
  • Create detailed strategic security roadmaps with short-term, mid-term, and long-term goals that prioritize remediation recommendations and address all instances of non-compliance with applicable regulatory, statutory, contractual, and organizational obligations.
  • Lead large security engagements in concert with other cybersecurity practices and Presidio teams.
  • Develop security policies, standards, and procedures that are custom-tailored to each customer's unique culture, security goals, and organizational objectives using industry best practices and compliance requirements.
  • Review, analyze, and assess key factors, including inherent risk, mitigating controls, business impact, likelihood, and other key elements to determine organizational security risk.
  • Ensure and assess customer alignment to, and/or compliance with, applicable regulatory, federal, state, local, contractual, and organizational requirements and best practices standards such as ISO 27001, NIST CSF, PCI DSS, HIPAA, FERPA, NERC CIP, NIST 800-171, CMMC, etc.
  • Work closely with organizations to conduct security program development by establishing the foundation for a best-of-breed security program architecture reference model using industry frameworks and standards such as ISO 27001, NIST 800-53, NIST Cyber Security Framework (CSF), etc.
  • Work with other seasoned Principal Security Consultants in a collaborative setting to support and assist on the execution and delivery of key services such as vCISO Advisory Services, security program development, documentation review, and security consulting services.
  • Assist the practice Directors in cybersecurity administrative functions, such as documentation maintenance, documentation creation, peer review, and other internal cybersecurity activities.
  • Ability to travel up to 30%.

Required Skills:
  • Previous professional experience providing consultative services.
  • Strong professional expertise in information security with the ability to thoroughly understand complex principles and apply them practically.
  • Comfortably present security concepts and/or findings to both highly technical and entirely non-technical audiences.
  • Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely manner.
  • Must be analytical, innovative, and possess a strong sense of attention to detail.
  • Strong cross-functional team participant and collaborative approach to problem-solving.
  • Manage and guide engagement members to engagement completion.
  • Prior experience working closely with customers and collaborating with IT staff is a plus.
  • Strong verbal and written communication skills, organizational skills, and attention to detail.
  • Ability to work collaboratively or independently as required by a given situation.
  • Ability to manage multiple and changing priorities and tasks.
  • Working knowledge of Security Testing and Audit Platforms (Nessus, NMAP, etc.).
  • Working knowledge of host/network common vulnerabilities and exploits (CVEs, IAVAs, etc.), hacker methodologies and tactics, and the tools used.
  • Experienced in using the Microsoft Office Suite (Word, Excel, PowerPoint).

Additional Desired Skills:
  • Ability to work closely with cross-functional departments within Presidio and the customer.
  • Willingness to learn from our close-knit group as well as contributing thoughts, tools, industry news or lessons learned.
  • Desire to grow the business by identifying up-sell opportunities with existing and potential clients.
  • Experience with project deliverables from a VAR/Integrator is preferred.
  • Ability to maintain tact, composure, and professionalism in an interrupt-driven environment and/or when challenged by customers.
  • Ability to be flexible and embrace change.
  • Self-motivated and self-directed.
  • Self-starter with the ability to manage their own tasks into a larger project or program effort.
  • Ambitious and goal-oriented, with the initiative to work until the job is complete.

Education and Experience:

  • Bachelor's Degree with a focus on Information Security, IT, Computer Science, or Engineering or the equivalent work and/or military experience.
  • Minimum of 5-10 years' experience conducting Information Security risk and compliance assessments.
  • 3-5 years' experience evaluating compliance with regulatory and key IT standards such as HIPAA/HITECH, PCI DSS, NIST CSF, ISO 27001, GDPR/CCPA, NERC CIP, and other similar standards/frameworks.
  • Strongly prefer candidates with payment card (QSA, PCI DSS, PA-DSS, P2PE, PFI), financial (GLBA, SOX, SSAE 18), and/or health care (HIPAA/HITECH) experience.
  • Current information security certifications such as CISM, CISA, CISSP, ISO 27001 LI are preferred.

Salary Range:
$80K -- $100K
Minimum Qualification
IT Consulting

Estimated Salary: $20 to $28 per hour based on qualifications.
