Cybersecurity Consultant

Position Summary:                                                                                                                                                       

The Cybersecurity Consultant position will provide consulting services to customers and internal teams in the areas of Information Security assessments, policies, procedures, recommendations, and risk management. Additionally, this position will require consulting in other related cybersecurity products and services that Loffler sells and supports.

This position will focus primarily on consulting with our clients regarding cybersecurity Governance, Risk, and Compliance (GRC), and working with them to assess their current state and assist with building or enhancing their cybersecurity programs – guiding them through the process of creating policies/procedures, and selecting/implementing controls.

Essential Duties & Responsibilities:

All areas of responsibility listed below are essential to the satisfactory performance of this position, with reasonable accommodation, if necessary.  Any non-essential functions are assumed to be included in "other related duties as assigned":

 

Customer-facing Engagements - 80%

• Deliver Information Security assessments using standardized methodologies and tools approved by the Cybersecurity and IT Consulting team, such as S2Org.
• Serve as Virtual Chief Information Security Officer (vCISO) and lead regular consulting meetings with clients who are enrolled in this program.
• Conduct security vulnerability assessments using standardized tools, such as Tenable Nessus and Rapidfire Tools.
• Conduct readiness assessments and provide consulting guidance to customers seeking to attain cybersecurity certification and/or compliance in PCI, HIPPA, ISO, NIST, and other related cybersecurity and compliance frameworks.
• Assess Business Continuity and Disaster Recovery (BC/DR) policies and procedures for clients and provide written recommendations as it relates to security.
• Coordinate implementation and provide ongoing oversight and consulting services for customers enrolled in Managed Detection and Response (MDR) services.
• Provide project oversight and project implementation services for security software, hardware, cloud services, and appliances related to cybersecurity products and services installed and/or supported by the team.
• Work effectively with internal Loffler teams, customer teams, and approved third parties engaged in delivering cybersecurity services to clients.
• Deliver managed Vendor Risk Management services to clients.
• Deliver managed Vulnerability Management services to clients.
• Create and maintain Information Security policies and related standards and procedures for clients.
• Conduct cybersecurity consulting engagements, including interviews, data analysis, report writing, and presentations.
• Utilize and understand the Loffler cybersecurity and risk management tools and practices as part of ongoing customer engagements and services offerings.
• Build strong relationships with consulting clients.

Administrative and Internal Activities - 20%

• Research and develop new product and service offerings and contribute to the enhancement and improvement of products and services offered by the team.
• Learn to deliver new product and services offerings that are being rapidly developed by the team.
• Provide pre-sales support to our sales team.
• Gather customer requirements and scope consulting engagements.
• Create detailed time entries and documentation to support the activities performed.
• Consult with internal teams regarding information security compliance, certification, and risk management.
• Create, revise, and maintain Information Security policies and procedures to be used by internal teams.
• Assist with implementation and communication of Information Security policies and procedures.
• Responsible for understanding, staying updated on, and abiding by the Employee Handbook as written.
• Other duties as assigned.

 

Qualifications/Requirements:                                                                 

• Minimum of two days in office 
• Excellent written and oral communication skills.
• At least 3 years' prior experience in assessing GRC.
• At least 3 years' prior experience in interpreting, writing, and implementing cybersecurity policies and procedures.
• At least 5 years' prior experience preferred in Information Technology fundamentals, TCP/IP networking, firewalls, routers, network switching, wireless networking, servers, storage area networks, server virtualization, cloud computing, and related technologies.
• Ability to prioritize while working in a fluid environment.
• Ability to work independently on tasks assigned weekly.
• Ability to learn new technologies.
• Self-motivated and driven to perform.

Education/Experience:

• Associate's or Bachelor's degree in IT or related technical field (e.g., Cybersecurity, Computer Science, Engineering) and/or 10 years' experience in Information Technology Consulting or Information Security/Cybersecurity/Consulting.
• Current CISSP, CISM, CISA, C|CISO, CvCISO, or substantially similar certification.
• Additional technical and/or security certification(s) preferred.

Supervisory Responsibilities:

There are no supervisory responsibilities for this position.

 

Work Conditions:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• High energy position dealing with clients daily.
• Ability to work effectively in the office, remotely, and on client sites as needed.
• Requires some travel to and from client sites.

 

Loffler Core Values

What Defines our Culture.

• Positive Attitude: Be Part of the Solution. Put Extra Effort in All You Do. Everything You Do Matters. Be a Team Player.
• Integrity: Live the Mission. Be Honest. Deliver on Commitments. Do What is Right.
• Innovation: Be a Visionary. Welcome New Ideas. Work Smarter.
• Customer First Focus: Exceed Expectations. Delight Our Clients. Bring Value Every Day. Always Do a Good Job.
• Professionalism: Commit to Excellence. Learn & Improve. Looks and Words Matters. Best in Industry; Field Expert.
• Drive for Results: Performance-Orientated. Hard-Working. Refuse to Lose. Accountable.