The Information Security Consultant - Controls Frameworks position is a person who can understands controls framweworks like NIST, ISO, and COBIT. The consultant should understand operational considerations, control objectives, controls testing, and success measurement criteria that will allow our clients to ensure compliance while also meeting security controls technology. In this role you will assist Cedrus clients in reviewing Information Security policy, defining Governance processes, and defining controls. Position requirements include:
- Demonstrable experience for at least 10 years in an Information Security role
- Deep knowledge of Information Security Risk Management technical controls such as:
- Identity Systems, Access Provisioning, Access Attestation/Certification
- Privileged Access Management
- Authentication, Authorization, Audit
- Encryption
- Data Leakage Prevention
- Federation / SSO
- Understanding of Cloud Security Controls
- Knowledge, understanding, and experience in building Governance processes, policy, and controls leveraging important frameworks such as:
National Institute of Standards and Technology Special Publication 800-53 (NIST SP 800-53)
Control Objectives for Information Related Technology (COBIT)
International Organization of Standardization (ISO) 27000 Series
- Attitude of teamwork, cooperation, do what it takes to get it done, and passion for tech
- Experience in a consulting role or a large organization's IT or Information Security Group
- Exceptional written and verbal communication skills (English)
- Presentation skills
- Ability to thrive and drive decisions in a group
- Excellence in office products like word, visio, excel
- Diagramming skills
- Cloud aware, cloud vocabulary, comfortable in cloud topics
- Security certifications valued (CISSP, CCSK, etc.)
- Travel flexibility, up to 75% annually, could be many continguous weeks.
- Self-motivated remote working / work from home for extended periods
Experience and Education
- At least 5 years leading projects/designs/implementations, at least 10 years total relevant experience
- Bachelor's degree
REQUIRED: US Citizen OR Permanent Resident - NO H1B Sponsorship
Employment Type: Permanent Employee
Background Screening: Criminal background screen and drug test required.
Locational Requirements: NYC, Atlanta, or Boston areas, USA, ability to travel as needed, up to 75% USA.
We are technically experienced thought leaders with a strong emphasis in cloud security. We have deep skills in Identity and Access Management (IAM), Cloud Security, and Cloud Access Security Brokers (CASB). We focus on providing solutions to risk and compliance challenges for our clients. We partner with our clients for long-term mutually beneficial relationships. Inside, we promote a culture of respect, growth, teamwork, and motivation that we bring to every engagement. We're a small company that is working on big company challenges, solutions, and engagements. We provide exposure to the big company environment with a small company feel. We're flexible, adaptable, and fast.