Senior Security Consultant, Risk - Remote

Overview

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

In Short

• Deliver successful consulting engagements across multiple Risk offerings while maintaining a high degree of customer satisfaction.
• Perform qualitative and quantitative risk assessments using industry-recognized frameworks, such as FAIR, ISO 31000, 30101, 27005, NIST 800-30, etc.
• Provide advisory services to GuidePoint customers to help mature their cyber risk management and information security programs.
• Establish strong relationships and trust with customers to understand customers’ business environments and requirements.
• Work with other GuidePoint Security practices as part of a cohesive cross-functional team.
• Remain current on industry developments and incorporate into service delivery.
• Strong ability to work independently and multi-task on multiple projects simultaneously.
• Provide mentorship to other Risk consultants and team members.
• Clear communication skills.

Requirements

• Minimum of 8 years of combined cybersecurity GRC experience across private/public sector and consulting.
• Minimum of 3 years’ experience consulting and delivering qualitative and quantitative risk assessments using industry-recognized methodologies.
• The ability to lead interviews with executive and technical stakeholders, unique to each client.
• Strong understanding and working knowledge of security frameworks and standards including NIST CSF, NIST CSF/RMF, ISO 31000, and others.
• Experience with GRC and Cyber Risk Management tools.
• Demonstrated experience in assessing, developing, and implementing GRC and cybersecurity risk management programs.
• Strong understanding of all the functions within a security program.
• Strong communication skills, to include articulating thoughts and distilling complex problems.
• Demonstrated experience in delivering written risk assessments report.
• Self-driven; able to manage schedules, meet deadlines, and work independently.
• Excellent project management skills.
• GRC or management focused industry certifications such as CISSP, CISA, CISM, CRISC, FAIR Fundamentals, etc.

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required).
• Group Medical Insurance options.
• Group Dental Insurance.
• 12 corporate holidays and a Flexible Time Off (FTO) program.
• Healthy mobile phone and home internet allowance.
• Eligibility for retirement plan after 2 months at open enrollment.
• Pet Benefit Option.