Jobs · Information Technology · Minnesota

Senior Cybersecurity Advisor

EPITEC · Little Canada, MN · 5 days ago
Information TechnologyContract

Responsibilities

  • Develop and maintain security guidance documentation, including standards and frameworks
  • Conduct full-stack architecture reviews of products and platforms, including consumer identity platforms
  • Perform cybersecurity threat modeling and prepare outputs for review by internal and external stakeholders
  • Establish, document, and monitor compliance with risk-based and regulatory-informed cybersecurity requirements for individual products
  • Collaborate with product designers and developers to ensure security considerations are integrated early into product design discussions
  • Validate the security of product software supply chains and product deployment pipelines
  • Develop risk mitigation strategies and recommend appropriate security controls
  • Evaluate the effectiveness of product cybersecurity controls
  • Identify and effectively communicate cyber risk trends
  • Ensure risk management plans are clearly documented, actionable, and accurately reflect the organization’s risk tolerance
  • Track and ensure product compliance with defined vulnerability remediation SLAs.
  • Participate in governance forums, architecture reviews, and technical discussions as a representative of Product Cybersecurity

Qualifications

  • 7+ years of experience in cybersecurity or technology architecture, assessment, or consulting with a focus on the development of secure digital product technologies
  • Experience conducting risk assessments, control assessments, and governance reporting
  • Strong understanding of modern technology stacks, including cloud-native architectures and API-driven services
  • Strong understanding of core concepts related to identity and access management, secure software development, network security, and cryptography
  • Familiar with device to device, service to service, and consumer identity and access management practices
  • Familiarity with modern phishing-resistant authentication technologies, including WebAuthn and Passkeys
  • Knowledge of global medical device regulatory frameworks
  • Excellent analytical, problem-solving, and communication skills
  • Working knowledge of security frameworks and standards (e.g., NIST, ISO/IEC 27001, PCI DSS)
  • Strong collaboration and influencing skills, with the ability to work effectively across technical and business teams
  • Exceptional written and verbal communication skills, with the ability to tailor complex information for diverse audiences
  • Strong analytical and problem solving skills, with the ability to work independently and manage multiple priorities
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Information Assurance, Software Engineering, or a related field
  • Preferred qualifications: cybersecurity experience across e-commerce, mobile apps, IoT, or medical devices. Preferred certifications include CISSP, HCISPP, CISM, CCSP, SABSA Foundation, CISA, or similar industry-recognized certifications

Similar jobs