Cybersecurity and Risk Advisory Associate Consultant
Alliant Cybersecurity is seeking a Cybersecurity and Risk Advisory Associate Consultant to be based in Houston, TX to help expand its Cybersecurity and Risk Advisory practice. In this role, you will serve as a cybersecurity analyst with regards to securing data and information systems and all associated cybersecurity policies and procedures for our clients. You should possess an understanding of how the security controls identified in leading frameworks like the NIST SP 800 and ISO 2700x apply to the process of assessing organization’s IT infrastructure and cloud technologies. Contributes to the review of the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications. Assists Cybersecurity Consultant and Project Manager in briefing clients on findings and recommended remediation.
- Assists with defining security objectives and system-level performance requirements.
- Assists in the assessment of the configuration of secure systems, tests security products/systems to detect computer and information security weaknesses.
- Coordinates the collection of documentation from clients.
- Coordinates and conducts client interviews, recording results in working papers.
- Assists with testing and exercises of security controls
- Assists with production of reports and updates to clients and senior members of the Alliant Cybersecurity team.
- Consulting experience.
- 1 or more security certifications to be attained within 1 year of employment
- Familiarity in at least two of the following security, privacy, governance, risk, compliance domains:
- IT Systems Hardening
- Access Management
- Vulnerability Management
- Incident Management
- Endpoint security
- Cloud Security
- Network security
- Compliance (NY DFS, GDPR, SOx, PCI/PA-DSS / HIPAA, etc.)
- Ability to learn to discover, map and analyze client challenges holistically and to formulate scope and detailed action plans. Problem solving skills are key within this context.
- Ability to work both autonomously as in concerted (client) matrix teams.
- Clear understanding of risk management and demonstrable real-world applicable experience.
- A goal oriented pragmatic attitude, with great attention to detail.
- Ability and willingness to learn and develop continuously (and sometimes rapidly.)
- Microsoft Suite skills, including and not limited to pivot tables, charting. (Focus: Excel, Word, PowerPoint and SharePoint.)
- A ‘can-do’ attitude will go a very long way to start with: Solution finding and appreciation for pragmatic risk management.
- Accredited college Bachelor’s degree
- Valid current driver’s license
- Familiarity with leading security systems, tools and methodologies.
- Friendly, respectful, ethical and inquisitive outgoing personality.
- Strong presentation and communication skills.
- Ability to travel up to 70% on a monthly basis.
- May require working both traditional and non-traditional hours.
- 2+ years of relevant experience in assessing security controls and conducting assessments for either large, complex organizations or mid-market businesses.
- CompTIA Sec+, (ISC)2 CISSP, CISM, CISA Certification