Full-Time
Principal Consultant
Posted on 4/17/2024
Cybersecurity ratings and risk management platform
Compensation Overview
$180,000 - $200,000 Annually
Senior
Remote in USA
- 8+ years of general experience in a technology discipline
- 5+ years of professional information security consulting experience
- Knowledge of various cyber security methodologies, solutions and current trends.
- Knowledge of at least one of the major information security management systems such as NIST CSF, NIST SP800-53 or ISO27000.
- Hands-on experience in one or more technical cybersecurity domains such as risk management, penetration testing, incident response, security operations, threat intelligence, security architecture, or security management.
- Excellent consultative, written and verbal communication skills.
- Ability to lead an informed discussion and bring clients to understand information security risks and needs.
- Strong influencing skills that promote productivity and inspire business transformation.
- At least one certification in the following list is recommended: CEH, GSLC, GCPM, GSTRT, GCCC, GSNA, CISSP, CISM, CISA or CRISC.
- Develop advisory guidance, roadmaps and recommendations to assist customers in maturing their third-party vendor risk programs, as well as lead technical reviews of information security according to major frameworks and standards.
- Create breach likelihood assessment reports with recommendations on mitigation strategies, roadmaps and provide ongoing consultations on implementations and progress.
- Conduct information security risk assessments – this includes, but is not limited to building asset inventories, identifying vulnerabilities and threats, calculating risk, creating risk treatment plans, and assisting with overall implementation of security controls and measures.
- Assess the maturity of cyber security programs and create strategies and roadmaps for Customer improvements.
- Evaluate Customer readiness for information security incidents and assist them in reaching the highest level of preparedness and ability to effectively react to future incidents.
- Implement information security frameworks and create sets of policies and procedures according to NIST Cybersecurity Framework, PCI DSS, HIPAA, GDPR, CCPA, and more.
- Develop, customize and deliver tabletop exercises to test solidity of Customer incident response plans and level of preparedness.
- Contribute to the advisory team by consulting with Customers on information security topics, conducting training, and documenting recommendations and providing deliverables to raise overall awareness on good cyber hygiene.
- Manage vendor risk assessments across a Customer ecosystem including cloud deployments such as Azure, AWS and GCP.
- Assist customers to utilize SecurityScorecard products and services to meet their self- and third-party risk management program objectives.
Working at SecurityScorecard, a global leader in cybersecurity ratings, provides an excellent opportunity for engaging in high-stakes cyber resilience and security assessments. The company's patented rating technology is utilized by over 25,000 organizations worldwide, offering employees a chance to work on critical enterprise and third-party risk management solutions. This environment not only fosters professional growth but also contributes to global cybersecurity advancements, making it an ideal workplace for those passionate about ICT risk management and resilience.
Company Stage
Series E
Total Funding
$292.2M
Headquarters
New York, New York
Founded
2013
6 month growth
↑ 0%
1 year growth
↑ 0%
2 year growth
↑ 6%
Benefits
Health benefits
Education stipend
Unlimited PTO
Parental leave
401K
Stock options
Referral bonuses
Remote work available