Consultant

Cybersecurity Consultant  

What to expect when you join the Sikich family

Team members at Sikich have a lot in common while also being part of a rich and diverse group of contributors, creating a distinct and thriving culture. Chief among our commonalities is a desire for growth and a shared unity of purpose in our professional lives. We believe that through diverse perspectives, challenging the status quo and rewarding action, we accelerate innovation and drive growth – for our clients, for ourselves and for our communities.

The professional services landscape continues to evolve. For Sikich, this means we have an opportunity to further cement our leadership position in this industry and continue to grow our organization in increasingly exciting ways. This growth is meaningful for every team member at our company because larger companies simply see more interesting client opportunities and can attract impressively talented individuals like you. Through a dedicated focus on key business priorities and intentionally creating a rewarding employee experience, Sikich has developed into a highly regarded provider of professional services and a sought-after employer of choice.

Do you want to work with other skilled practitioners and serve clients in a way that makes a difference? Are you seeking a supportive environment backed by a deep and extensive set of skillsets? Are you ready to make an impact and be acknowledged for your contributions? If you answered yes to these questions, we see a mutually beneficial and gratifying relationship on the horizon!

Are you ready to grow with us?

Position Summary

A cybersecurity consultant adopts the mindset of a threat actor, leads offensive engagements and assists with general information security consulting.  They enjoy cultivating trust-based client relationships, thrive in a supportive team environment, pass along what they are learning to others, and are dedicated to lifelong learning. Having a positive and inventive approach, they find ways to uncover value in even the most challenging situations. 

What will you do in this role?

• Perform penetration tests on applications and network environments. 
• Advise clients on scoping decisions, engagement details, and remediation efforts. 
• Author testing plans and penetration test reports using the MITRE ATT&CK® Framework. 
• Perform reconnaissance and network surveys to map targets. 
• Understand and engage with the following technologies: 
  • Web applications and services. 
  • Firewall, IPsec and SSL VPNs, IDS/IPS, WLANs. 
  • Database functions, interactions, and communications. 
  • Commercial and open-source security tools (e.g., Nessus, Nmap, Netcat, Metasploit, Burp Suite, Bloodhound, Empire, Wireshark, hypervisors, run-live distros, and much more). 
• Create scripts (Python, PowerShell, JavaScript, Bash) and develop applications as necessary to enhance or create efficiency and reproducibility in tests. 
• Interpret vulnerabilities, identify weaknesses, exploit them, and escalate access. 
• Identify systemic weaknesses in client processes and advise on remediation options. 
• Assist Incident Response team with security incident response consulting.
• Assist Security Operations team with security monitoring and remediation consulting.
• Assist vCISO team with security program consulting.  
• Initiate and support cross service line opportunities. 
• Research trade-craft tools, countermeasures, threats, and technologies. 
• Develop and refine tools, templates, and methodologies as needed. 
• Assist in developing service line processes and expectations. 
• Assist in developing and managing service line infrastructure and resources. 
• Engage with industry as an expert by blogging regularly and speaking at client industry events and webinars as comfortable. 
• Assist Incident Response team with security incident response consulting. 

What do you need to succeed in this role?

• Bachelor's degree in computer science, information technology, or related field, or equivalent practical experience.
• At least two 2 years of experience as an associate penetration tester. 
• Able to successfully complete 100 hour scoped tests in 90 hours. 
• Excellent written, verbal and editorial communication skills. 
• Commitment to working with quality assurance and editorial team. 
• Ability to lead communication with C-level, technical, and non-technical audiences. 
• Experience managing networks and systems for both Windows and Unix platforms. 
• Coding and scripting familiarity required (e.g., C#, PowerShell, JavaScript, Python, Bash). 
• Certified in Network Penetration testing (e.g., PNPT, eJPT, Pentest+) 
• Certified in a penetration testing vertical (e.g., cloud, red team, web apps, mobile apps, Wi-Fi, social engineering) 
• Working toward a general security role (e.g., CISSP, CISM, CISA, GCFA) 
• Working toward an advanced penetration testing certification (e.g., OSCP, GPEN, CRTO) 
• Becoming familiar with compliance programs (e.g., PCI DSS, HIPAA, GLBA, CMMC) 
• Ready to learn more about incident response and digital forensics. 

In addition, specific skills/experience required are as follows:

• Servant Leader – You are hyper focused on engaging employees, fostering their development, and building a positive culture.
• Solutions Focused – You see opportunities in every business problem and can develop, articulate, and implement solutions.
• Collaboration – You are a relationship builder across all levels of the organization and across all business units.
• Instills Trust - You do what you say, and you follow through on commitments, you act with integrity, you are consistent and are perceived as credible.
• Impact & Influence Thinking – You gain support for ideas, proposals, and solutions, and get others to act, with or without formal authority, to advance initiatives/objectives.

About Sikich

Sikichis a global company specializing in Accounting, Advisory, and Technical professional services. With employees across the globe, Sikich ranks as one of the largest professional services companies in the United States. Our comprehensive skillsets, obtained over decades of experience as entrepreneurs, business owners and industry innovators, allow us to provide insights and transformative strategies to help strengthen every dimension of our clients’ businesses.

Sikich Total Rewards

Our team members enjoy expansive benefits ranging from competitive compensation and insurance options to wellness programs and a flexible time off policy, to name only a few. Sikich also takes pride in prioritizing team members’ health, total wellbeing and time spent with family, friends and in the pursuit of personal goals, hobbies, and endeavors.

In compliance with this state’s pay transparency laws, the midpoint of the base salary range for this role is $100,850. This is not a guarantee of compensation or salary, as final offer amount may vary based on factors including but not limited to experience, commission, and geographic location.

Some examples of our many benefits:

• Sikich maintains a Flexible Time Off (FTO) Policy. We encourage every full-time employee, as your role permits, to utilize paid time off (personal time, mental/physical health care, vacation, sick leave, etc.). Waiting for time off to accrue is common at other companies. At Sikich, you do not have to wait for this benefit to kick in. FTO is activated on your first day with our organization.
• Sikich will also recognize paid holidays during the year and strives to permit employees to have time off the last week of the calendar year when client and project work permits.
• Sikich offers a comprehensive wellness program to engage, challenge and empower team members to take responsibility for their wellbeing. Activities can be tracked through our wellness provider to obtain gift cards and other rewards.

We also offer:

• Flexible work arrangements
• Health, dental, vision, life, and accident/death/disability insurance options
• HSA employer contribution
• Nine (9) paid holidays annually.
• A robust paid Parental Bonding Leave program covering birth, adoption, and foster      children.
• 401(k) with employer contributions
• CPA bonus with four (4) paid exam days & four (4) paid study days.
• Tuition reimbursement
• Generous employee referral bonus program
• Client referral bonus program
• Pet insurance
• FORCE – Sikich community volunteer program enabling each team member to use up to four hours of paid time annually to volunteer and make a difference in their localcommunities.

Want to learn more? Visit our Careers website or Glassdoor profile.

Sikich is an Equal Opportunity Employer M/F/D/V

#li-remote

Sikich currently practices in an alternative practice structure in accordance with the AICPA Professional Code of Conduct and applicable law, regulations, and professional standards. Sikich CPA LLC is a licensed CPA firm that provides audit and attest services to its clients. Sikich LLC has a contractual arrangement with Sikich CPA LLC under which Sikich LLC provides Sikich CPA LLC with professional and support personnel and other services to support Sikich CPA LLC’s performance of its professional services, and Sikich CPA LLC shares certain client information with Sikich LLC with respect to the provision of such services.