Senior IT Security Compliance Consultant

IT Security, Security Compliance, PCI, HIPAA, GDPR, DLP, SIEM
Full Time
Work from home not available, Travel not required

Job Description

Wouldn't you like to work for a rapidly growing, award-winning, successful technology consulting firm? Think you're ready to take your career to the next level?


Key Points: 

  • Ability to travel 50-70% 
  • Management Consulting experience is a plus
  • 3+ years in an IT Security Compliance position 
  • Local to Chicago 


The Sr. IT Security Compliance Consultant will be responsible for leading technical project teams as the engagement lead to gather requirements, create a design, and implement the solution. You’ll typically work with a team of consultants to complete a project that aligns with the client’s business objectives. Typical engagement responsibilities will include:


  • Provide strategic security advisory, PCI, HIPAA, and GDPR consulting services for enterprise clients, ranging from policy definition to adoption and enforcement
  • Current state review of existing organization, processes, and technologies to deliver key findings and recommendations
  • Delivery of cyber asset/system categorization and impact ratings, including site visits to multiple client locations  
  • Identify, scope, and deliver solutions within industries such as Healthcare & Life Sciences, Financial Services, Retail, etc.
  • Develop implementation strategy and roadmaps, with an initial focus on HIPAA, PCI, or GDPR compliance
  • Work closely with business and technology teams to craft solutions that align with HIPAA, PCI, or GDPR best practices
  • Perform day-to-day organization, process and technology data collection and analysis, interviews and discovery workshops
  • Implement security solutions, including the design, configuration, development, testing and deployment of security-related technologies such as Security Information & Event Monitoring (SIEM), Identity & Access Management, IDS/IPS, Data Loss Prevention, Digital Rights Management, Network Access Control and other security technologies
  • Manage client relationships and meet with clients to determine business and functional requirements
  • Translate business and technical requirements into concrete project proposals, including detailed work plans and cost estimates
  • Contribute to business development process at existing clients
  • Promote thought leadership in emerging technologies, from partnerships to go-to-market offerings, to strategy, to design and implementation
  • Actively build a professional network and affiliate network in the local community


We need someone with real world experience in the following:

  • Candidates must have 3+ years of experience performing Security Assessment work (vulnerability management, penetration tests, network security and social engineering)
  • Background in auditing IT Security controls
  • Ability to convey complex technical security concepts to technical and non-technical audiences, including executives, required
  • Proactive desire to continue to broaden and deepen business and consulting skills
  • Demonstrate knowledge and experience with the architecture, engineering and deployment of cyber security solutions
  • Experience in leading and delivering end-to-end solutions, which could include strategy, design, development, testing and training, and implementation
  • Advanced understanding of application, database, and network security principles for risk identification, mitigation, and analysis
  • Experience with cybersecurity architectural roadmaps, sub-domain strategies, product roadmaps and standards
  • HealthCare Information Security and Privacy Practitioner (HCISPP) certification or equivalent a plus
  • Payment Card Industry Professional (PCIP) and/or Certified Information Systems Security Professional (CISSP) certification or equivalent a plus
  • Certified Information Systems Security Professional (CISSP) certification or equivalent highly desired


What else do you need to bring to the table?

  • Excellent organizational, verbal, presentation/facilitation, and written communication skills
  • Demonstrated experience with HIPAA compliance within the Healthcare industry
  • Demonstrated experience with the PCI DSS
  • Bachelor’s degree in Information Technology, Computer Science, Business or equivalent industry experience
  • Willingness to travel for out-of-town client engagements, up to 70%
Dice Id : 90969093
Position Id : 703782