Information Security Sr. Consultant
Note: This is initially a 2 month project that could be extended, and if it is then our client will consider hiring the individual.
Our client is looking for a Senior Consultant with experience in information and cyber security, including conducting assessments, developing security programs, ensuring compliance and implementing security controls and solutions. The resource should have a background in both security compliance and technical security solutions, helping develop security programs for clients.
The Senior Consultant should be able to develop and provide innovative solutions for our clients. Our Consultants work as part of a consulting team forming close relationships with key client Business and IT stakeholders. Consultants are expected to play a significant role in client engagements, along with maintaining additional internal (non-client) responsibilities. The Consultant will be expected to perform the following tasks:
o Conduct security and risk assessments
o Develop security strategies and recommendations
o Conduct security compliance assessments
o Develop security programs
o Analyze, evaluate and recommend technical security solutions for clients
o Architect, design, engineer, and implement technical security strategy and solutions
o Develop policies, standards, procedures and processes
o Create security plans
o Perform vulnerability assessments
o Conduct penetration testing
o Thorough knowledge and understanding of current information security techniques, architectures and technologies including development, deployment, and support of high-quality information security solutions including, but not limited to:
- Network access control (NAC)
- Security information and event management (SIEM)
- Network and Host-based intrusion detection systems (NIDS/HIDS)
- Web and email content filtering
- Data loss prevention (DLP)
- Volume and media encryption
- Cloud security
- Log correlation and management
- Vulnerability management or assessment and mitigation
- Firewall monitoring and optimization
- DDoS mitigation
- Identity and Access Management
- End-Point Security
- Application Security
- Encryption & Key Management
o Experience leading security assessments and implementations using proven methodologies
o Understanding of security and infrastructure standards and regulations (e.g. ITIL, FISMA, PCI, ISO, HIPAA, etc.)
o Knowledgeable with federal government security frameworks, standards, policies, compliance requirements, certification and accreditation, and operations
o Conversant in basic project management principles and project quality methods
o Experience in areas such as: access control, governance / risk management, privacy / data protection, configuration management, and continuous monitoring.
o Understanding of networking protocols and vulnerability scanners.
o Ability to read and understand vulnerability reports.
o Experience with business continuity and disaster recovery
o Excellent written and oral presentation and communication skills
o Ability to proactively manage multiple commitments and tasks
o Experience building effective relationships with clients and colleagues
o Exercise and meeting facilitation experience
o Excellent organizational and time management skills
o Experience working as part of project teams in a consulting or strong customer-oriented environment
Our client is seeking individuals with 8-15+ years of professional experience in information and cyber security. Previous consulting experience is a plus.
Preference for at least one current recognized professional certification such as Security+, CISSP, CCIE, CCSP, CCNP, GIAC, CEH and CISA
Bachelorís Degree, Cyber Security, Business, Engineering, Computer Science, Information Management, Management Information Systems, or a related field; or the equivalent in education and work experience.
||Information Security Sr. Consultant
Opportunity Employer M/F/D/V