Perform technical security testing, including cyber-attack simulations and threat and vulnerability assessments.
Support cybersecurity assessments consisting of security architecture reviews, system configuration reviews and cloud security evaluations.
Support cybersecurity incident response readiness activities, including tabletop exercises and evaluations of incident response capabilities.
Document results from technical testing performed and develop tailored recommendations to mitigate associated cyber threats and risks.
Execute assigned client engagements from start to finish, which includes engagement planning, fieldwork execution and reporting.
Remain current and apply knowledge of cybersecurity trends and risks.
Communicate (verbally and in writing) externally with clients and internally with all levels of the organization to successfully accomplish objectives portraying knowledge and confidence.
Proactively interact with key client management to gather information, resolve problems and make recommendations for improvements.
Develop client relationships with the intention to exceed client expectations.
Adhere to the highest degree of professional standards and strict client confidentiality.
Participate in professional development activities and training sessions on regular basis.
Other duties as assigned.
Required Skills and Experience
3+ years of related cybersecurity experience in a similar consulting practice or function.
Experience in one or more of the overarching areas below:
Conducting technical security testing, including one or more of the following: cyber-attack simulations, vulnerability assessments, web application testing, and/or penetration testing.
Reviewing security architecture deployments and assessing and/or implementing secure configurations for common network devices (routers, switches, firewalls), server operating systems (Windows and Linux) and database management systems.
Assessing and/or implementing security solutions and controls within cloud service provider platforms (e.g., AWS, Azure, GCP, O365).
Ability to document technical testing and assessment results in a formal report format and present results and recommendations to both a technical and non-technical audience.
Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
Ability to execute multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
Strong professional verbal and written skills.
Excellent analytical, organizational and project management skills.
Desired Skills and Experience
Bachelor’s and/or Master’s degree in Information Technology, Cybersecurity, Computer Science or a related field.
One or more relevant technical certifications such as: CISSP, GIAC (GSEC, GCIH, GSIP, etc.), MS-500, AZ-500, AWS Certified Security, Google Cloud Professional Architect / Security Engineer
Working knowledge of cybersecurity industry leading practices and frameworks, such as NIST CSF, CIS Controls, CIS Benchmarks, OWASP, MITRE.
Familiarity with common threat and vulnerability management and endpoint security solutions.
