Risk and Advisory | Boston, MA, United States
- Provide strategic information security advisory and consulting services for enterprise clients.
- Identify, scope, and deliver customer Information Risk Management needs within the Neohapsis services portfolio.
- Scope security engagements and support development of proposals and statements of work, effectively translating customer requirements into an engagement to meet those needs.
- Provide trusted Information Security Officer advisory services to enterprise customers.
- Translate business, industry, and regulatory requirements into information risk management objectives and associated tactical/strategic information security initiatives.
- Identify sales opportunities during and after engagement; work with sales personnel to close business. Help drive sales.
- Participate in the development of the Neohapsis service portfolio and methodologies.
- Demonstrate the ability to multi-task, including completing client engagements and thought leadership activities.
Travel averages approximately 40%, with potential for up to 50% per year.
- In-depth information security management experience with specific focus on one or more of the following:
  - Network security
  - Information risk management
  - Security audit
  - Security operations
  - Security program development
  - Compliance management
- Experience researching, developing, and applying new methodologies and technologies
- Cross-organizational IT project management experience with an information security focus
- Strong leadership skills
- Demonstrated ability to self-manage
- Exemplary command of the English language, both oral and written
- Extensive information security program and risk management knowledge
- Traditional consulting experience
- 7+ years of experience
Bachelor's degree or equivalent practical experience. QSA certification preferred.
Practical experience with one or more of the following:
- Sarbanes-Oxley (SOX)
- Health Insurance Portability and Accountability Act (HIPAA)
- Gramm-Leach-Bliley Act (GLBA)
- North American Electric Reliability Council (NERC)
- Federal Financial Institutions Examination Council (FFIEC)
- Industry standards
  - International Standards Organization (ISO) 27001/27002/27005
  - Payment Card Industry Data Security Standard (PCI DSS)
  - ISACA Control Objectives for Information and related Technology (COBIT)
- Strong background in virtualization or cloud computing (VMware, Azure, Amazon AWS, Rackspace, OpenStack).
- VCP certification preferred.