Cyber Consultant (contract)
KPMG US · El Segundo, CA · 3 wk ago
RemoteRemoteEngineeringContract
Responsibilities
- Assess client organizations against the Center for Internet Security Critical Security Controls Version 8 framework.
- Apply strong working knowledge of CIS Controls v8 to evaluate cybersecurity maturity, identify gaps, and support assessment conclusions.
- Facilitate client walkthroughs, interviews, and evidence review sessions with stakeholders across technical and business functions.
- Communicate effectively with executive-level stakeholders, translating assessment findings, risks, and recommendations into clear business language.
- Navigate client questions during the assessment process and provide informed guidance aligned with CIS Controls v8 requirements.
- Collaborate with KGS teams responsible for preparing assessment deliverables and supporting documentation.
- Review, refine, and finalize the final assessment report for delivery to the client.
- Ensure final deliverables are accurate, professional, and aligned with client expectations and assessment objectives.
- Stay up-to-date with the latest cybersecurity trends, technologies, and threats.
- Collaborate with cross-functional teams to ensure the integration of cybersecurity measures across all systems and processes.
Qualifications
- Bachelor's degree in Computer Science, Information Technology, or a related field preferred, not required.
- Proven experience as a Cyber Consultant, Cybersecurity Analyst, or similar role.
- Strong knowledge of cybersecurity principles, frameworks, and best practices.
- Familiarity with industry regulations and compliance standards (e.g., GDPR, HIPAA, ISO 27001).
- Experience with cybersecurity tools and technologies, such as firewalls, intrusion detection systems, and SIEM.
- Strong analytical and problem-solving skills, with the ability to assess risks and propose effective solutions.
- Excellent communication and interpersonal skills, with the ability to effectively communicate complex cybersecurity concepts to non-technical stakeholders.
- Relevant certifications, such as CISSP, CISM, or CEH, are highly desirable.