
Senior Consultant – QSA, Risk and Strategy
Optiv
full-time
Location Type: Remote
Location: Kentucky • Nevada • United States
Salary
💰 $116,600 - $159,900 per year
About the role
- Comfortable delivering independent work or taking the engagement lead for complex projects
- Acts as engagement escalation point to assist other delivery team consultants
- Work closely with clients to define, build and implement security leading practices
- Conduct risk assessments, security readiness audits, and gap analysis against compliance and regulatory frameworks
- Assess compliance with industry standards and regulatory frameworks such as NIST 800-171/53, ISO 27001, COSO, CMMC, HIPAA, PCI, or some combination of these
- Assist clients in developing risk management frameworks and mitigation strategies
- Provide third-party risk assessments to evaluate the client's supply chain and key vendors
- Support the design and implementation of cybersecurity policies, procedures, and governance frameworks
- Develop and refine security strategy assessments, security program plans, and POA&M
- Translate security operational and technical risks into business implications with recommendations for stakeholders
- Conduct workshops, stakeholder interviews, security awareness sessions and presentations with key client stakeholders
- Collaborate with Principal Consultants and Technical Managers to support client objectives
- Maintain clear documentation and reporting for security findings, analysis and recommendations
- Stay updated on emerging cybersecurity, risk management, key technologies and regulations
- Contribute to thought leadership through research, whitepapers and presentations
- Effectively provide knowledge transfer and post-production support activities as necessary
Requirements
- Bachelor's degree and approximately 5-7 years of related work experience, preferably in a prior consultancy role
- Hold or pursue relevant certifications in the cybersecurity and risk management industry, such as CISSP, CISM, CRISC, CCSP, CMMC CCP/CCA, ISO 27001 (Lead Implementer)
- Strong understanding of cybersecurity frameworks (NIST, ISO 27001, CMMC, CIS, PCI, HIPAA, etc.)
- Hands-on experience with security assessments, risk management, compliance assessments, policy and standards, and other related risk and compliance activities
- Experience working in cyber resilience, including Business Continuity Planning, Disaster Recovery, Business Impact Analysis, and Operational Resilience
- Strong analytical and problem-solving skills for cybersecurity challenges
- Excellent communication and report writing skills for client engagements
- Ability to manage multiple projects and work independently in a fast-paced environment
- Willingness to travel to meet client needs
- Valid driver's license in the US
- The successful candidate must hold related professional certifications such as the CISSP, CISM, and/or CISA
- Must be Qualified Security Assessor (QSA)
Benefits
- A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups
- Work/life balance
- Professional training resources
- Creative problem-solving and the ability to tackle unique, complex projects
- Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
risk assessments, security readiness audits, gap analysis, cybersecurity policies, security program plans, security strategy assessments, third-party risk assessments, Business Continuity Planning, Disaster Recovery, Operational Resilience
Soft Skills
analytical skills, problem-solving skills, communication skills, report writing skills, project management, independent work, stakeholder engagement, knowledge transfer, collaboration, presentation skills
Certifications
CISSP, CISM, CRISC, CCSP, CMMC CCP, CMMC CCA, ISO 27001 (Lead implementer), CISA, Qualified Security Assessor (QSA)