Cybersecurity Advisory Analyst

Location: Round Rock, Texas
Date Posted: 10-10-2018
Job Summary:
 
Reporting to the Managing Director of the CISO Advisory team, provide consulting services for clients by conducting assessment work and analysis of client information security programs and cybersecurity operations. Provides advisory consultation supporting client technology teams, CIOs, CISOs and executive leaders to meet their regulatory requirements, management of technology and cybersecurity risk, and strategic planning for improving cybersecurity posture. Working independently and within a team construct advising clients through consulting engagements, assessment services, and implementation/mitigation projects.
 
This role works remotely and requires approximately 20% travel to client locations.
 
 
Responsibilities Include:
 
* Conduct assessments of client organization capabilities
* Develop gap analysis to compliance requirements
* Construct client deliverables including reports, briefing presentations and recommendations
* Work with clients to mitigate cybersecurity risks and implement security program functions
* Conduct research to identify appropriate solutions and recommendations
* Participate in the development of incident response exercises and facilitate exercises for clients in table-top or expanded exercise formats
* Work within existing CyberDefenses service delivery frameworks and help to develop service delivery
 
Requirements:
 
* Able to communicate effectively through writing, speaking, and presenting to groups and key client stakeholders
* Team player capable of productively contributing to the CyberDefenses mission by supporting fellow teammates and clients in a dynamic growing and changing environment
* Knowledgeable of network and security architecture principles, firewall and IDS/IPS fundamentals, endpoint security systems and other security protective/detective systems
* Experience with IT system and/or network administration
* Knowledgeable of cybersecurity operations and essential security program functions that include event monitoring and SIEM technologies, vulnerability scanning and management, access controls and authentication measures,
* Capable of connecting threat analysis to risk management principles to formulate priorities and provide business level risk decision support
* Capable of working independently, establishing and managing task completion within deadlines that are responsive to client needs
* Knowledgeable of information security frameworks including NIST Cybersecurity Framework, NIST Special Publications (i.e., 800-30, 800-37, 800-53, 800-171), ISO27001/2, as well as regulatory/compliance mandates such as HIPAA, PCI-DSS, GLBA, FFIEC guidelines and others
* Possess or have completed testing for an industry-leading certification including CISSP, CISA, CISM, GIAC or other recognized credential
* Computer Science or related 4-year degree
* 5+ years in the Cybersecurity industry as in operator, developer or risk assessment roles
* 2+ years in an Information Assurance or Cybersecurity Risk Assessment role
 
 
Preferred Skills and Qualifications:
 
* Experience conducting risk assessment work or IT auditing of compliance requirements or framework gap analysis
* Experience with penetration testing, application security testing
* Experience quickly learning, independently reaching stretch goals, and continually improving knowledge and capabilities
* Experience taking on complex and difficult problems, formulating a path forward, and executing steps that demonstrate meaningful progress
or
this job portal is powered by CATS