A leading global consulting firm is seeking a Manager level experienced Information Systems Security professional with to join the Practice. The Risk Security practice provides a broad range of recommend services related to controls, processes, and methodologies surrounding Information Security, Risk Management, Risk Assessments, Vulnerability and Threat Management,Technical Privacy / Regulatory compliance, and emerging technologies.
Services include:
– Assessing and recommending Information Security and Risk Management strategies, policies and governance
– Technology Risk Assessments and Diagnostic Reviews
– Network, Operating System, Database, and Application Security
– Vulnerability Management and penetration testing
– Technical Privacy and Data Protection Support, regulatory compliance
– Strategy and Consulting for PCI, HIPPA, ISO compliance, etc
– Emerging technologies; cloud computing, wireless, mobile devices, etc.
– IT Risk Management
Knowledge Preferred:
– Demonstrates extensive knowledge of securing assessments, developing information security strategies, conducting security assessments, and recommending security solutions to assist businesses with the assessment and improvement of their security infrastructure.
– Demonstrates extensive knowledge of assessing and recommending enterprise security solutions in adherence with industry security standards.
– Demonstrates extensive knowledge of understanding and/or directly managed through the common issues facing clients who provide products and services in several service sectors that include Financial Services, Manufacturing, Retail, Media and Entertainment, Technology, Energy, etc.
– Demonstrates extensive knowledge of with creating proposals and demonstrated business development efforts.
– Demonstrates direct experience as a consultant, auditor or Information Security leader in a professional services firm or large enterprise. This includes interfacing with clients on control solutions, as well as leading the planning and execution of projects, in the following areas: Information Security, Risk Management, Technical Privacy/Compliance, IT Security Audit, and / or IT Risk Management.
– Obtained one or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) preferred.
Skills Preferred:
– Demonstrates extensive abilities with the utilization of network and application security assessment tools and methodologies to manage and address security and control issues with the following technologies: UNIX, Windows Servers, databases (Oracle, SQL, DB2, etc), mainframe, firewalls, routers, wireless environments, mobile devices, and cloud computing.
– Demonstrates extensive abilities with performing information security, IT audits, risk assessments, network and application penetration testing and security assessments, intrusion detection, vulnerability/risk validation, and secure application development.
– Demonstrates extensive abilities to identify and address client needs: developing and sustaining extensive client relationships using networking, negotiation and persuasion skills to identify and sell potential new service opportunities; preparing and presenting complex written and verbal materials; and defining resource requirements, project workflow, budgets, billing and collection.
– Demonstrates thorough abilities success as a team leader: leading teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.
– Demonstrates extensive abilities with information security organizational and policy development, vulnerability management, risk assessment and IT Risk Management skills.
Min Year Exp:
5 years of Information Security and Technical Privacy.
Min Degree(s) and Certifications:
BA or BS Management Information Systems or business related field.