Principle Security Consultant (Security Policy and Design)
Location: Unites States
CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively.
CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
CyberProof is seeking a Senior Security Consultant:
At the core of what we do is our people. The Security Operations Group of CyberProof consists of a global team of 250+ highly talented people including experienced security operations experts, certified cyber security experts, researchers and analysts, project leaders, consultants, and sales professionals. Individuals and teams in this group work closely with client cyber security teams and customer CISOs, CIO’s and/or senior business management on business & cyber security strategies and solutions.
This individual will have an extensive background in Application vulnerability remediation implementation, SLA adherence, defined and/or enhance existing or new processes and procedures and work with customers to help design, document, drive and implement application vulnerability remediation processes.
Working with customer Info Security and AD teams to understand and enhance existing templates, understand existing architectures, configuration requirements, and response requirements. This work will be conducted through a knowledge acquisition process and a series of workshops with customers.
This position will be based at Chicago or Washington DC, USA, and will be required to work closely with client and UST Global/CyberProof stakeholders. This position will report to the Project Manager and Program Administrator.
Must have Skills:
· Minimum of 10-15+ years of experience in Information Security.
· Through understanding of SDLC and Application Security vulnerability remediation, application penetration testing
· Must have experience on managing vulnerability remediation management processes, programs, and adherence to SLAs
· Must have experience in HITRUST, NIST and SOC2 controls assessments, gaps and remediation
· Must have SharePoint skills
· Strong communication and negotiation skills
· Client facing roles and dealt, driven and as a Single Point of Contact with InfoSec teams in a consultative and advisory activities
· Ability to communicate, interpret Infosec and playback requirements to a non-technical security team (ie non-functional requirements)
· Ability to conduct workshops with over 200+ team members to explain vulnerability remediation processes and why it needs to be followed on a daily basis.
· Thorough understanding of Risk Management principles (Risk Register, Cyber risks etc)
· Fundamental understanding of Incident Management and Security Operations.
· Demonstrated process orientation and ability to manage complex tasks.
· Strong communicator and fluent in English.