Senior Consultant, Cybersecurity

Creo Co., Ltd - Durham, NC

posted 3 days ago

Full-time - Senior
Durham, NC
11-50 employees
Merchant Wholesalers, Durable Goods

About the position

The Senior Consultant, Cybersecurity at CREO, LLC. is responsible for providing strategic leadership and direction for clients' information security programs. This role involves consulting on building and maturing security programs, advising on data privacy compliance, conducting cybersecurity assessments, and preparing clients for security audits. The consultant will also oversee vendor management and serve as the primary escalation point for security operations, ensuring effective incident response and risk management.

Responsibilities

  • Provide strategic leadership and direction for clients' information security programs.
  • Consult on building and maturing information security programs and risk management.
  • Advise clients on data privacy compliance regulations.
  • Provide monthly and quarterly reporting to leadership and board.
  • Conduct thorough assessments of clients' cybersecurity posture and recommend remediation strategies.
  • Prepare documentation for IT security engagement deliverables.
  • Provide consulting services for incident response preparation.
  • Prepare clients for security audits and ensure compliance with standards.
  • Consult on best practice configuration and evaluation of security tools and architectures.
  • Oversee cybersecurity partners and ensure quality of their work.
  • Serve as the primary escalation point for security operations.

Requirements

  • Minimum 10 years overall IT experience with 5+ years in information security.
  • Experience in successful enterprise information security programs.
  • Strong understanding of security frameworks like SOC2, NIST, ISO 27001.
  • Experience with security and privacy-related regulatory compliance such as HIPAA and GDPR.
  • Understanding of security operations functions and incident response.
  • Experience managing security training and phishing services.
  • Strong understanding of infrastructure security controls for various platforms.
  • Proficiency with Managed Defense & Response (MDR) and Managed Security Service Provider (MSSP).
  • Understanding of security controls around Azure and AWS.

Nice-to-haves

  • Knowledge of penetration testing tools and security event analysis.
  • Business development experience.
  • Certification in CISSP, CCSP, CISA, CISM, or similar.
  • Active Microsoft security certifications.
  • Experience in Governance Risk and Compliance (GRC).
  • Experience with computer systems validation and compliance.

Benefits

  • Competitive salary
  • Health insurance
  • 401k plan
  • Professional development opportunities
  • Flexible work environment

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service