Cybersecurity Consultant / vCISO
Strata Information GroupSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Cybersecurity, ConsultingIndustries
Requirements
- Bachelor's degree and approximately 5-7 years of related work experience, preferably in a prior consultancy role
- Hold or pursue relevant certifications in the cybersecurity and risk management industry such as CISSP, CISM, CRISC, CCSP, CMMC CCP/CCA, ISO 27001 (Lead implementer)
- Strong understanding of cybersecurity frameworks (NIST, ISO 27001, CMMC, CIS, PCI, HIPAA, etc.)
- Hands-on experience with security assessments, risk management, compliance assessments, policy and standards and other related risk and compliance activities
- Experience working in cyber resilience including Business Continuity Planning, Disaster Recovery, Business Impact Analysis, and Operational Resilience
- Strong analytical and problem-solving skills for cybersecurity challenges
- Excellent communication and report writing skills for client engagements
- Ability to manage multiple projects and work independently in a fast-paced environment
- Willingness to travel to meet client needs
- Valid driver's license in the US
- The successful candidate must hold related professional certifications such as the CISSP, CISM, and/or CISA
Responsibilities
- Comfortable delivering independent work or takes the engagement lead for complex projects
- Acts as engagement escalation point to assist other delivery team consultants
- Work closely with clients to define, build and implement security leading practices
- Conduct risk assessments, security readiness audits, gap analysis with compliance and regulatory frameworks
- Assess compliance with industry standards and regulatory frameworks, such as NIST 800-171/53, ISO 27001, COSO, CMMC, HIPAA, PCI, or some combination of these
- Assist clients in developing risk management frameworks and mitigation strategies
- Provide third-party risk assessments to evaluate client’s supply chain, key vendors
- Support the design and implementation of cybersecurity policies, procedures, and governance frameworks
- Develop and refine security strategy assessments, security program plans, and POA&M
- Translate security operational and technical risks into business implications with recommendations for stakeholders
- Conduct workshops, stakeholder interviews, security awareness sessions and presentations with key client stakeholders
- Collaborate with Principal Consultants and Technical Managers to support client objectives
- Maintain clear documentation and reporting for security findings, analysis and recommendations
- Stay updated on emerging cybersecurity, risk management, key technologies and regulations
- Contribute to thought leadership through research, whitepapers and presentations
- Effectively provide knowledge transfer and post-production support activities as necessary
Skills
NIST 800-171
NIST 800-53
ISO 27001
COSO
CMMC
HIPAA
PCI
Risk Assessments
Gap Analysis
Third-Party Risk
Cybersecurity Policies
Risk Management Frameworks
POA&M
Security Strategy
Optiv
Cybersecurity advisory and solutions provider
About Optiv
Optiv helps businesses manage and reduce cyber risks by providing advisory services and solutions tailored to their specific needs. Their services cover the entire cybersecurity lifecycle, including strategy development, technology validation, and implementation of security measures. They serve nearly 6,000 clients across various industries, such as retail, manufacturing, and healthcare, ensuring that sensitive information is protected and digital systems remain secure. Unlike many competitors, Optiv focuses on customized solutions and ongoing support, adapting to the evolving cybersecurity landscape. Their goal is to empower organizations to secure their operations effectively and prepare for future challenges in technology, such as AI and IoT.
Denver, ColoradoHeadquarters
2015Year Founded
$12MTotal Funding
ACQUISITIONCompany Stage
Cybersecurity, AI & Machine LearningIndustries
1,001-5,000Employees
Risks
Rising competition from AI-driven cybersecurity firms like Secuvy.
Complexity in managing numerous cybersecurity tools may hinder effectiveness.
Meeting Zero Trust compliance deadlines requires significant investments.
Differentiation
Optiv offers comprehensive cybersecurity solutions tailored to diverse industry needs.
The company excels in Zero Trust architecture implementation for federal agencies.
Optiv's Future Point initiative explores AI, quantum computing, and IoT impacts.
Upsides
Optiv's AI Security Services enhance innovation and efficiency for clients.
Recognition as a leader in IDC MarketScape boosts Optiv's consulting credibility.
Increased cybersecurity budgets reflect growing demand for Optiv's services.
Related Jobs
RemoteRemoteSenior Risk Analyst - Enterprise Risk Management
DeelSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteCompliance Associate
RainSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteSr. Endpoint Tech Strategy Manager (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteActuary, Risk and Compliance
HumanaSalary not specified
RemoteSecurity Program Manager
OpenAISalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteStrategic Advisory Services Senior Consultant, Bilingual- Spanish/Engl…
CrowdstrikeSalary not specified