Security Advisor Job - Control Assessments

July 22

Apply Now

Receive Emails with Similar Jobs

Soteria - Security Solutions & Advisory

WebsiteLinkedInAll Job Openings

Tailored Security Solutions & Managed Detection and Response

Incident Response • Forensics Analysis • Data Analytics • Threat Management • Hunt Operations

11 - 50

💰 $2.5M Seed Round on 2018-02

Description

• Perform control gap assessments to help organizations understand where gaps exist within client security programs. • Provide project management tasks to ensure assessment delivery is on time and meets the client’s needs. • Identify gaps in desired control implements and determine appropriate recommendations for clients based on identified regulatory framework and desired controls. • Review information system security controls and evaluate efficacy. • Perform detailed audit-like assessments according to cybersecurity-related frameworks. • Analyze documentation and evidence provided to verify adherence to prescribed cybersecurity-related frameworks. • Develop and review policies, procedures, and other related documentation to ensure compliance with control frameworks. • Write clear and well-structured reporting to detail observations and strategic recommendations, at an appropriate level for the intended audience. • Identify cybersecurity-related regulatory requirements (e.g., PCI-DSS, HIPAA, CCPA, GDPR, NYDFS) as well as gaps in compliance, and develop strategic plans to achieve and maintain compliance. • Work closely with clients and the Soteria team to develop remediation plans to ensure clients achieve their desired outcomes. • Document and present findings and recommendations to clients, including C-Suite and board-level executives, in a professional manner. • Support project team with quality assurance review of deliverables. • Maintain relationships with clients post-assessment in order to assist and advise as they continue to build and improve their security. • Maintain competence in security trends, technologies, and practices through self-study and attendance of industry events. • Conduct interviews with clients and the Soteria team to evaluate a client’s IT environment and security practices. • Assess and research common business platforms and technologies to deliver recommendations for secure configurations. • Maintain integrity and confidentiality for sensitive client information.

Requirements

• 5+ years of industry experience with an understanding of the cybersecurity space • 2+ years of experience in a cybersecurity consulting role; specifically conducting IT audits or assessments • Familiarity with cybersecurity frameworks such as NIST CSF, CMMC, ISO 27001, and CIS Controls • Relevant certifications such as CISSP, CISM, CISA, etc. • Strong knowledge of Microsoft Suite, Advanced Excel skills a plus • Candidates must be legally authorized to work full time within the United States and able to pass a background check. • Some candidates may require more extensive background checks based on the project.