Addresscloud.com/">
Security Consultant
Location: Chicago or Remote, US
About VikingCloud
VikingCloud is the leading Predict-to-Prevent cybersecurity and compliance company, offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions – faster. Powered by the Asgard Platform™, the industry’s largest repository of anonymized cybersecurity and compliance event data, we continuously monitor and analyze over 6+ billion online events every day.
VikingCloud is the one-stop partner trusted by 4+ million customers to provide the predictive intelligence and competitive edge they need to stay one step ahead of cybersecurity and compliance disruptions to their business. Our 1,000 dedicated cybersecurity and compliance expert advisors understand that it’s not just about technology. It’s about transacting business and delivering an exceptional customer experience every day, without fail. That’s the measurable value we deliver. And that’s what we call, Business Uninterrupted.
What you’ll do
As a Qualified Security Assessor (QSA) you will provide assessments and consulting to our clients As a consultant versed in other standards you will provide assessments and consulting to our clients. You will manage your own book of work and be the master of your own work schedule to the degree that it coincides with your clients requirements (that have been assigned to you) and delivery times required. You will conduct remote and travel for consulting and auditing services which usually last anywhere from 3-5 days for travel and 3 -9 months for a specific engagement.
You will provide status of all engagements that you are assigned to on a weekly basis and manage them to critical milestones to prevent escalation by clients. Writing detailed technical reports and evaluation of supporting documentation for proof of compliance with standards and regulations.
Responsibilities
- Perform both consulting, advisory and assessment services.
- Must maintain relevant certification required by industry and complete relevant ongoing continuing education required by certifications.
- Provide competent and relevant cybersecurity, governance, compliance, risk, and auditing in the technical space in accordance with various regulations and standards.
- Provide engagement management and high-level project management for delivery of services to multiple client which have been assigned to you by management.
- Evaluate client compliance with regulations such as Payment Card Industry Data Security Standard (PCI DSS), Australian Prudential Regulation Authority (APRA) CPS234 or GDPR.
- Conduct audits and risk Assessment based on National Institute of Science (NIST) standards like NIST Risk Management Framework, NIST Cyber Security Framework, NIST Privacy Framework, and International Standards organization (ISO) frameworks for risk and cybersecurity.
- Consultative support with clients in using Risk Assessment and Audit based on National Institute of Science (NIST) or ISO27002.
- Sharing your expertise with clients and colleagues to aid in making decisions on topics like strategy and scope as well as deep and highly technical projects like web application architecture and security.
- Providing clear, organized findings and recommendations to clients and tracking progress towards resolution and compliance.
- Producing detailed, high-quality reports for clients and industry third parties like payment card brands and the PCI Security Standards Council.
- Learning from our close-knit group as well as contributing your thoughts, tools, industry news or lessons learned.
- Working with clients to implement practices to produce secure applications and identify and eliminate security vulnerabilities.
- Working independently, undertaking information security engagements including working co-ordination and project management (client interaction, deliverables, work plans, escalation’s, etc.).
- Growing the business by identify up-sells with existing and potential clients.
- Providing regular status reports on all projects assigned.
- Being a team player and having the capability to expand having the capability to expand/adapt your skills in a fast-paced ever-changing industry.
Qualifications/ Experience
- At least 5 years of previous professional experience in cyber security, information security or risk assessments.
- Strong professional and technical experience in information technology or information security.
- Must have hands on or conceptual understanding in networking, end user systems support, server support, virus and malware systems, logging, keep time on network, building systems from scratch, policies, procedures, computer user account management, vulnerability scanning, pen testing, and wireless networking.
Certification Requirements:
- CISSP Required
- Additionally CISA, CISM, ISO 27001, Lead Auditor or Internal Auditor looked upon favourably.
VikingCloud is an equal opportunities employer.
