Information Security Consultant
Heartland Business Systems · Fayetteville, AR · Yesterday
Information TechnologyFull-time
Roles and Responsibilities
- Audit, test, or review IT systems, network or application architecture and business processes for compliance with best practices and/or regulatory requirements.
- Review and recommend technical, administrative, and physical controls to mitigate identified risk.
- Perform risk assessments of IT infrastructure and applications and make recommendations for improvements based on the client’s stated risk tolerance levels.
- Develop materials and processes to assist clients with implementing both technical and non-technical controls.
- Aid with incident response during security events.
Requirements
- Accountability - Accountability looks at the extent to which an individual is willing to accept responsibility.
- Active Listening - Active listening looks at the extent to which an individual actively attends to, conveys, and understands the comments and questions of others.
- Adaptability - Adaptability looks at the extent to which an individual can fit into a changing working environment.
- Communication - Communication skills look at the extent to which an individual communicates with economy and clarity, actively engaging in conversations in order to clearly understand others' message and intent, and receives and processes feedback.
- Customer Oriented - Customer orientation implies a desire to serve both external and internal clients by focusing effort on meeting the client’s needs, understanding their concerns, and seeking to build trust.
- Decision Making - Decision making skills look at the ability of the individual to select an effective course of action while controlling resources and expenditures.
- Initiative: Initiative looks at the ability of the individual to act and take steps to solve or settle an issue.
- Problem Solving - Problem solving skills looks at the ability of the individual to recognize courses of action which can be taken to handle problems or potential problems, and applying contingency plans to solve those problems.
- Project Management: Project management skills looks at the ability of the individual to demonstrate an understanding of planning, organizing, staffing, directing, and controlling work tasks.
- Working Under Pressure - Working under pressure looks at the ability of the individual to maintain composure when exposed to stress.
Requirements
- Minimum of 1450 billed per fiscal year prorated based on start date. These charge hour requirements will be balanced against professional development and on the job training.
Required Experience
- 2+ years of related experience
- 2+ years implementing Cybersecurity Programs
- 2+ years implementing Compliance and Governance Programs
Preferred Experience
- 4+ years of IT Systems implementation or management experience
- 4+ years implementing compliance programs
- 4+ years in leadership role
Required Skills, Education and/ or Certifications
- CISSP or other current industry standard certifications in areas of security expertise
- Experience as a security consultant, analyst, engineer, system administrator, IT lead, or similar role focused on information security responsibilities
- Demonstrated experience with regulatory/compliance requirements (e.g., PCI, HIPAA/HITRUST, SOX, FISMA), information security frameworks and controls (e.g., NIST, ISO, CIS)
- Demonstrated experience reviewing and recommending appropriate technical, administrative, and physical controls
- Demonstrated experience selecting and implementing appropriate risk mitigation strategies to ensure IT systems remain within established risk tolerance levels
- Ability to develop policies, standards and baseline configurations
- Strong attention to detail and ability to document findings and convey information
- Ability to manage project deliverables and deadlines
- Ability to provide superior customer service via phone and email
- Strong listening and presentation skills
- Ability to clearly communicate with co-workers, management, clients, and vendors
Preferred Skills, Education and/ or Certifications
- Healthcare compliance, privacy, or security certification
- Certified Information Systems Security Professional (CISSP) or equivalent
- Certified Information Systems Auditor (CISA) or equivalent (CISM)
- Certified in Risk and Information Systems Control (CRISC) or equivalent