Our Mission                 

We believe robust cybersecurity and optimized internal controls are crucial to defending a company’s profits and reputation.

We are here to help our clients achieve this mission.

ABOUT THE POSITION

• Demonstrate professional client management skills by building and maintaining strong relationships with clients.
• Communicate findings, recommendations, think creatively and drive project progress effectively.
• Conduct comprehensive cybersecurity audits and risk assessments by evaluating information security policies, procedures, and controls.
• Utilize industry and security knowledge to help clients identify vulnerabilities, weaknesses, gaps in controls and potential threats in order to translate into language understandable to the client and actionable for remediation.
• Participate in strategic cybersecurity planning by collaborating with clients to refine cybersecurity strategies and implement governance and compliance frameworks.
• Assist clients in establishing cybersecurity roadmaps and long-term security goals.
• Experience working with internal audit, risk and IT departments and performing readiness assessments or audits of business and IT functions.
• Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions.
• Conduct specialized IT frameworks audits and assessments (e.g. ISO 27001, HITRUST, HIPAA, NIST etc.)
• Build and nurture positive working relationships with clients and coworkers, by providing high quality deliverables and communications.
• Appropriate reporting of action items, roadblocks, and other tasks during projects to managers and clients.
• Play a substantive role with project management by supporting engagement planning, providing regular status reports for the client, while collaborating with junior staff.
• Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements.
• Other tasks and duties as assigned.

• Bachelor's degree (in Management Information Systems, Information Technology, Computer Science, Accounting, Business Administration).
• 4-5+ years of relevant work experience, with industry focus a plus.
• Prior consulting experience in cybersecurity, risk management, IT audit, and/or other applicable fields.  Minimum 3 years in consulting with multiple clients.
• Demonstrated experience in one or more areas of cybersecurity such as network security, identity and access management, threat intelligence, cloud security, GRC.
• Demonstrated ability to manage multiple projects simultaneously and experience scoping, planning, and executing projects autonomously.
• Strong experience with regulatory and compliance standards (e.g., NIST, ISO 27001/2/17/18/ 27701, SOC 1, SOC 2, SOX, HITRUST, HIPAA, PCI etc.)
• Ability to travel up to 10-15%, based on the work you do and the clients and industries/sectors you serve. However, this is a remote position, so travel is very limited.
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

• “Big 4” consulting experience in various industries.
• Ability to state complex issues simply.
• Strong communication skills, both written and verbal.
• Experience with working in an ambiguous environment.
• Certification as CISSP, CCSK, CISA, CISM, and/or CPA preferred.