Information Security and Privacy Consultant - Risk Consulting

Description

DESCRIPTION

The Information Security and Privacy Consultant - Risk Consulting will be responsible for supporting planning, supervising staff, and executing IT Security and Privacy projects. They will serve as a project or team lead to ensure high-quality delivery. Will perform work, as well as oversee the technical work of some junior level personnel. Will also work directly with other project leads, managers, and/or executives to communicate business and technical aspects of the work being performed. The Associate will set performance expectations for junior level personnel and provide constructive performance feedback on a regular basis. May also assist the engagement economics of the projects, including budget status tracking, billing, and collection analysis.

The highly motivated associate in the area of information security will join the Security and Privacy team. The S&P team members are technical leaders within the firm that assist community, regional, national, government, and international clients to address their IT security concerns.

The associate will be responsible for:

• Network Penetration Assessments - Internal, External and Wireless
• Network Architecture Reviews
• Server and Workstation Operating System Reviews (Windows and UNIX)
• Database Reviews (MS SQL, Oracle)
• Compliance Based Reviews including HIPAA, GLBA, FFIEC and NERC CIP
• Business Continuity and Disaster Recovery Implementation
• Specialized Technical Reviews including Virtualization, Email Architecture, Web Application, Wireless Infrastructure and Web Servers

• Bachelor's degree required, candidates must possess significant analytical skills which likely evolved from early academic training in Computer Technology, Computer Science, Information Systems, or similar discipline.
• Minimum one to four years of business experience in the area of Information Security.
• Certified Information Systems Security Professionals (CISSP) or willingness to obtain is required. Experience within consulting or professional services, or at leading industry public companies is preferred.
• Solid leadership as well as strong written and verbal communication skills.
• Ability to prioritize multiple assignments and work in a team environment.
• Ability to translate technical vulnerabilities and configurations into business risks is also required.
• National travel is required.
• One to four years of consulting experience in many of the following areas: Networking (TCP/IP), Network Service evaluation, Network Architecture including design and device (Cisco) configurations, Server (Windows and UNIX) Security and System Administration, Information Security Standards including ISO and NIST, Database Security and Administration, Business Continuity and Disaster Recovery, HIPAA Security and Privacy, NERC CIP.