Cybersecurity Consultant (CISSP)

Examples of Security Initiatives:

• Data loss prevention across Google, Microsoft, and various environments
• Web application vulnerability assessment and remediation
• Secure remote access and VPN implementation
• NIST assessment, compliance, and recommendations
• Security Incident and Event Management (SIEM) strategies
• Managed Security Operations Center services
• Incident response plan development and testing
• Firewall optimization and tuning
• Internal and external penetration testing
• Ransomware prevention initiatives

Duties:

• Plan and execute complex cybersecurity initiatives, coordinating contractors, vendors, and staff activities, reporting directly to the CTO.
• Develop cybersecurity policies, procedures, standards, playbooks, trainings, and notices.
• Implement new cybersecurity controls following NIST and CISA frameworks.
• Research, recommend, and implement security technologies such as VPN, IDS/IPS, SIEM/SOAR, etc.
• Provide operational support for existing security technologies.
• Lead and coordinate incident response activities.
• Conduct cybersecurity risk assessments.
• Facilitate team meetings, project updates, training sessions, and other events.
• Offer cybersecurity and IT security subject matter advice, findings, and recommendations to CTO and other executives.
• Collaborate with technical team members and clients on cybersecurity consultations.
• Coordinate third-party risk assessments and recommendations.
• Assess Business Continuity preparedness and coordinate tabletop planning exercises.
• Perform gap assessments of application/system disaster recovery plans.

Requirements:

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, Mathematics, or related field.
• Four years of experience as a Cybersecurity Engineer or Network Security Engineer in an organization with over 50,000 users.
• Two years of cybersecurity incident response experience.
• Valid CISSP certification.