Cybersecurity Consultant - Intermediate
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Huntsville, AL 35808
Cybersecurity Consultant – Intermediate
At MAD Security our mission is to simplify the Cybersecurity challenge and safeguard business. To accomplish this mission we need motivated and passionate teammates.
We are seeking an extraordinary Cybersecurity Consultant for our team who will work closely with our clients to provide risk management and information security compliance consulting to deliver best-of-breed results. You will be working side-by-side with a highly focused and motivated team to reach a higher level of excellence in order to bring the best value to our clients. You will be expected to conduct a wide array of Cybersecurity consulting engagements to MAD Security s diverse clients. Each engagement can range from 2-3 days to several months, with periods between consulting engagements being utilized to update MAD Security s methodologies and products. You must have a solid understanding of the Information Security landscape, analyze risk levels of clients, possess the ability to identify areas of exposure, and make recommendations based upon that knowledge. This position relies heavily on sound and repeatable methodologies, while cultivating the business and technical sides of client relationships in order to generate additional avenues of opportunity for MAD Security.
Up to 30%
Essential Duties and Responsibilities
Conduct Cybersecurity consulting engagements onsite and remotely; including report writing
Manage and execute project level tasks and milestones
Educate clients on information security and applicable control requirements
Ensure delivery meets contractual commitments and regulatory compliance (e.g. NIST, DFARS, FFIEC, ISO, CIS 20, etc.), policies and standards
Baseline existing risks and compliance levels
Advise on risk mitigation and remediation plans
Provide information security consulting to clients based on experience in the field and best practices
Ongoing evaluation and improvement of methodologies and internal processes.
Knowledge and experience of Risk Management, IT Governance, and Information Security best practices, standards and frameworks such as NIST, FFIEC, ISO, PCI-DSS, CIS 20, HIPAA, etc.
5+ years of experience in information security field
Good time management, project management and problems solving skills
Security controls assessment experience
Experience interacting, relating and collaborating with executive-level clients
Bachelors Degree or Masters Degree in Information Assurance, Cyber Security, Computer Science, Business Management or other related field; or equivalent experience
One or more of the following: CISSP, CISM, CISA, Security+, or equivalent certificate
Experience with risk and security in financial institutions
Experience interviewing IT and non-IT staff to identify as-is processes and procedures
Application Security and/or Vulnerability Assessment experience
Penetration Testing and Social Engineering knowledge
GRC process and tools experience a plus
High level working knowledge of security solutions such as endpoint security, DLP, SIEM, etc., and what problems those solutions are designed to solve
Knowledge of various security technologies and leading product families
Ability to review the security architecture and advise on security requirements