The Cybersecurity Consultant provides foundational business-focused cybersecurity solutions; including risk assessments, governance, data classification, policies, controls and procedures, awareness, vendor risk management, incident response, & penetration testing. Other responsibilities include supporting delivery of client solutions and helping to solve business-critical problems. This position is a critical member of a cybersecurity-focused professional services team, composed of capable and high-caliber cybersecurity professionals.
- Consult with clients in a wide range of security domains, including risk assessment, governance, data classification, policies, controls and procedures, vendor management, awareness, incident response, penetration testing and vulnerability assessment
- Partner with Project Management to deliver communications, plans, timelines and other activities required for successful service delivery
- A key team member who will deliver the professional services around various security domains
- Maintain proficiency in and awareness of security services, industry trends, tactics, techniques and procedures
- Maintain proficiency with security tools, where applicable
- Act as a supporting cybersecurity resource for clients, sales, and business partners
- Partner with leadership and support process improvement
- Travel as needed for customer engagement/delivery
Experience / Skills:
- 2+ years of relevant information security working experience.
- Penetration Testing & Incident Response Experience (Red/Blue Team).
- Experience with offensive security tools such as, Kali Linux, Metasploit, Core Impact, Nessus, BurpSuite, Zenmap/Nmap, and more.
- Experience creating cybersecurity deliverables.
- Advanced knowledge of Microsoft Word and Excel.
- Live experience responding to various cybersecurity-related incidents to include; ransomware, viruses, data exfiltration, malicious insiders, and others.
- Working knowledge of key cybersecurity tools to support customer delivery.
- Working experience with regulatory frameworks and standards such as, NIST, ISO, DFARS, PCI, HIPAA, & SOX.
Desired Certifications & Licenses:
E-CEH, E-CIH, GCIH, GPEN, CISSP, Security Plus, Network Plus or other applicable security certification(s).
Competencies for Success:
- Risk & Compliance Management.
- Plan, lead and deliver cybersecurity solutions to solve business and compliance requirements.
- Advanced knowledge and experience of the cybersecurity lifecycle, including information asset inventory, risk assessment, data classification, policies, controls and procedures, awareness, vendor risk management and incident response
- General knowledge of how technical cybersecurity contributes to the cybersecurity lifecycle.
- Participate in cyber-incident response scenarios, to include training and live/real-world.
- Conduct team-coordinated and independent penetration testing for client networks.
- Risk treatment and corrective action plans.
- Produce and deliver detailed findings and recommendations in professional, accurate and digestible formats.
- Exceptional written and oral skills, including the ability to succinctly describe findings, make recommendations and communicate them in business terms.
- Project Management including proficiency with organization of projects, tasks, timelines and communications
To be considered for this position, please submit your resume with accompanying cover letter.
Director of Human Resources
175 Sully’s Trail, Suite 202
Pittsford, NY 14534
585-385-0610 x 211