SENIOR Security Consultant

• Client facing role to assess the Information Security Posture of the client's suppliers per the client's guidelines. Includes working as a team member with client personnel to plan, coordinate, execute, and report the Information Security posture of the client's supplier. Information Security professional will work independently and has a broad base of knowledge in Information Security policies, process, tools, services, and architectures.  Collaborate with others during project management, strong verbal, written and listening ability, and flexible in accommodating client deadlines, willing to travel 75% of the time.  Adept at analyzing information/data providing well-researched feedback and recommendations enhancing security.
• The candidate must have experience in Third-party risk assessments (both remotely and at onsite), audit experience, report writing skills, interpersonal skills, communication skills and good awareness of information security concepts.
• The candidate must also have excellent skills in the following areas:

Required:

• Strong technical skills required in the following areas:
• Evaluating the environment for security exposures and providing metrics of the security posture
• Providing metrics and program management for Information Security Assessor service
• Review of Policies and Procedures, Security Awareness Training, Change Management, Anti-Virus Management, Patch Management, Supplier Risk Assessments, Encryption, Business Continuity Management, Log Management, User Access Management, Password Policy, Physical and environmental controls, etc.
• Mentoring other Information Security Assessor’s in developing both information security and customer relation skills
• Ability to execute audits end-to-end individually
• Researching the latest industry security practices and technologies
• Proven ability to perform security risk assessments, communicate (in writing and verbally) the results, and advise on actions to reduce or eliminate risk
• Strong interpersonal relationship skills and ability to build new relationships quickly with customers and their partners/suppliers
• Excellent written and verbal communication skills
• Proven ability to manage multiple streams of work while meeting deadlines and due dates
• Be able to function in an ‘on-demand’ environment
• Working knowledge of PCI DSS, HIPAA, SOC, etc
• Ability to understand the supplier's existing controls that meet the compliance requirements.
• Be able to make recommendations on security changes, security policy updates, improvements and problem resolution
• Strong organizational skills
• Work independently
• At least 15 years of experience in the Information Security domain
• At least 5 years of experience in Information Security Risk Management
• At least 5 years of experience in Audit (Internal or external)
• At least 3 years of experience in Third-Party Assessments
• Passport ready with the ability to travel up to 75% international and domestic annually
• English – Fluent