Audit and Cyber Security Senior Consultant | Jobs with Elevate

Audit and Cyber Security Senior Consultant Open

Country: United States
Apply to this Job
Trexie Erra

Trexie Erra is recruiting this position.

email me  linkedin

Job Description


Elevate is a premier consulting firm specialized in Cyber Security, IT Compliance & Privacy, Internal Audit and Process Improvement.  Our team consists of self-managed, high-caliber professionals with deep skills in the IT and Process Improvement domains.  We value exceptional client service, solving and coaching our clients through complex and critical transformations and providing effective communication (both verbal & written).  We are looking for a motivated, experienced, and self-managed IT Audit & Security Lead Senior Consultant to join our growing team.

Our Mission                 

We believe robust cybersecurity and optimized internal controls are crucial to defending a company’s profits and reputation.

We are here to help our clients achieve this mission.


Elevate is looking for an experienced Audit and Cyber Security Senior Consultant (“Senior Consultant”) who possesses a broad skillset, demonstrating excellent communication and presentations skills, analytical thinking, and a desire for learning and working with clients.
You will work closely with clients to conduct information security assessments, IT audits and IT security and advisory projects.

You will play a pivotal role in our organization’s efforts to enhance clients’ cybersecurity resilience and compliance. Additionally, your role will involve guiding and mentoring junior consultants while actively participating in the development of our cybersecurity practice.

Work you’ll do
  • Demonstrate professional client management skills by building and maintaining strong relationships with clients.
  • Communicate findings, recommendations, think creatively and drive project progress effectively.
  • Conduct comprehensive cybersecurity audits and risk assessments by evaluating information security policies, procedures, and controls.
  • Utilize industry and security knowledge to help clients identify vulnerabilities, weaknesses, gaps in controls and potential threats in order to translate into language understandable to the client and actionable for remediation.
  • Participate in strategic cybersecurity planning by collaborating with clients to refine cybersecurity strategies and implement governance and compliance frameworks.
  • Assist clients in establishing cybersecurity roadmaps and long-term security goals.
  • Experience working with internal audit, risk and IT departments and performing readiness assessments or audits of business and IT functions.
  • Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions.
  • Conduct specialized IT frameworks audits and assessments (e.g. ISO 27001, HITRUST, HIPAA, NIST etc.)
  • Build and nurture positive working relationships with clients and coworkers, by providing high quality deliverables and communications.
  • Appropriate reporting of action items, roadblocks, and other tasks during projects to managers and clients.
  • Play a substantive role with project management by supporting engagement planning, providing regular status reports for the client, while collaborating with junior staff.
  • Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements.
  • Other tasks and duties as assigned.
  • Bachelor's degree (in Management Information Systems, Information Technology, Computer Science, Accounting, Business Administration).
  • 4-5+ years of relevant work experience, with industry focus a plus.
  • Prior consulting experience in cybersecurity, risk management, IT audit, and/or other applicable fields.  Minimum 3 years in consulting with multiple clients.
  • Demonstrated experience in one or more areas of cybersecurity such as network security, identity and access management, threat intelligence, cloud security, GRC.
  • Demonstrated ability to manage multiple projects simultaneously and experience scoping, planning, and executing projects autonomously.
  • Strong experience with regulatory and compliance standards (e.g., NIST, ISO 27001/2/17/18/ 27701, SOC 1, SOC 2, SOX, HITRUST, HIPAA, PCI etc.)
  • Ability to travel up to 10-15%, based on the work you do and the clients and industries/sectors you serve. However, this is a remote position, so travel is very limited.
  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
  • “Big 4” consulting experience in various industries.
  • Ability to state complex issues simply.
  • Strong communication skills, both written and verbal.
  • Experience with working in an ambiguous environment.
  • Certification as CISSP, CCSK, CISA, CISM, and/or CPA preferred.
  • Status: