- Plan and conduct
information security consulting engagements. Engagements may include:
- Analyzing the requirements for, designing and
developing security policies and standards
- Designing, developing implementing information
security management system initiatives such as security governance and strategy
setting, security incident response and handling plans and security awareness
- Performing cyber security posture assessment
- Performing security threat assessments
- Operational
knowledge and hands on experience implementing best practices standards such as
ISO 27000, COBIT, NIST, PCI DSS, GDPR and other security control frameworks.
- Work directly with
customers, both to develop work plans and executing consulting engagements.
- Engage clients in
workshops, interviews, surveys, and data collection to perform assessments.
- Comfortable
delivering security awareness to clients.
- Develop
deliverables in accordance with work plans developed collaboratively with
clients.
- Develop
well-written, well-structured, accessible, and useable deliverables, for both
client and internal audiences
- Work with the
Project Managers to produce status reports and manage your time within the
defined effort and duration project plans.
- Participate in
professional development activities, focused on information security, including
the pursuit of designations such as CISSP, CEH, and others
- Participate in
pre-sales discussion with clients when scoping projects and developing
proposal.
- Perform technical
reviews of proposals and RFP responses