Heartland Technology Group
Description:
Position Summary:
Heartland's team of Information Security Consultants provides IT risk management, information security, and compliance consulting services to clients in a variety of industries. Consultants routinely perform risk assessments, audit systems for compliance, work with IT and business leaders to identify and properly mitigate risks, recommend improvements for administrative, technical and physical controls, help clarify compliance requirements, and lead incident response activities. The Information Security Consultant may act as vCISO for a client under the supervision of a Senior Consultant or Practice Manager.
Roles and Responsibilities / Essential Functions:
- Audit, test, or review IT systems, network or application architecture and business processes for compliance with best practices and/or regulatory requirements.
- Review and recommend technical, administrative, and physical controls to mitigate identified risk.
- Perform risk assessments of IT infrastructure and applications and make recommendations for improvements based on the client's stated risk tolerance levels.
- Develop materials and processes to assist clients with implementing both technical and non-technical controls.
- Assist with incident response during security events.
- Minimum of 1450 billed hours per fiscal year, prorated based on start date. These charge hour requirements will be balanced against professional development and on-the-job training.
Requirements:
Competencies:
- Accountability - Accountability looks at the extent to which an individual is willing to accept responsibility.
- Active Listening - Active listening looks at the extent to which an individual actively attends to, conveys, and understands the comments and questions of others.
- Adaptability - Adaptability looks at the extent to which an individual can fit into a changing working environment.
- Communication - Communication skills look at the extent to which an individual communicates with economy and clarity, actively engaging in conversations in order to clearly understand others' message and intent, and receives and processes feedback.
- Customer Oriented - Customer orientation implies a desire to serve both external and internal clients by focusing effort on meeting the client's needs, understanding their concerns, and seeking to build trust.
- Decision Making - Decision making skills look at the ability of the individual to select an effective course of action while controlling resources and expenditures.
- Initiative - Initiative looks at the ability of the individual to act and take steps to solve or settle an issue.
- Problem Solving - Problem solving skills look at the ability of the individual to recognize courses of action which can be taken to handle problems or potential problems, and to apply contingency plans to solve those problems.
- Project Management - Project management skills look at the ability of the individual to demonstrate an understanding of planning, organizing, staffing, directing, and controlling work tasks.
- Working Under Pressure - Working under pressure looks at the ability of the individual to maintain composure when exposed to stress.
Required Experience:
- 2+ years of related experience
- 2+ years implementing Cybersecurity Programs
- 2+ years implementing Compliance and Governance Programs
Preferred Experience:
- 4+ years of IT Systems implementation or management experience
- 4+ years implementing compliance programs
- 4+ years in a leadership role
Required Skills, Education and/or Certifications:
- CISSP or other current industry standard certifications in areas of security expertise
- Experience as a security consultant, analyst, engineer, system administrator, IT lead, or similar role focused on information security responsibilities
- Ability to identify and evaluate risk to IT systems and associated business processes and communicate risks to management
- Demonstrated experience with regulatory/compliance requirements (e.g., PCI, HIPAA/HITRUST, SOX, FISMA), information security frameworks and controls (e.g., NIST, ISO, CIS)
- Demonstrated experience reviewing and recommending appropriate technical, administrative, and physical controls
- Demonstrated experience selecting and implementing appropriate risk mitigation strategies to ensure IT systems remain within established risk tolerance levels
- Ability to develop policies, standards and baseline configurations
- Strong attention to detail and ability to document findings and convey information
- Ability to manage project deliverables and deadlines
- Ability to provide superior customer service via phone and email
- Strong listening and presentation skills
- Ability to clearly communicate with co-workers, management, clients, and vendors
Preferred Skills, Education and/or Certifications:
- Healthcare compliance, privacy, or security certification
- Certified Information Systems Security Professional (CISSP) or equivalent
- Certified Information Systems Auditor (CISA) or equivalent (CISM)
- Certified in Risk and Information Systems Control (CRISC) or equivalent
Equal Opportunity Employer - Including Disabled and Veterans