We are seeking a highly skilled and experienced Cybersecurity Consultant / Senior Cybersecurity Advisor to join our world-class cybersecurity consulting (v CISO) team at Abacus Group. The ideal candidate will have a deep understanding of information security strategies suitable for small and mid-size businesses within the financial services sector coupled with technical expertise to guide and advise on implementation efforts.
Responsibilities (including but not limited to):
-
Act as the primary security advisor for multiple clients, providing strategic guidance and oversight on all aspects of their cybersecurity programs.
-
Develop and implement security strategies, policies, and procedures for varying client environments.
-
Conduct technical risk assessments and develop risk management plans to address identified vulnerabilities and threats within complex environments.
-
Design and advise on the implementation of secure architectures and solutions tailored to client needs.
-
Build and maintain strong relationships with clients, understanding their unique security challenges and providing tailored solutions.
-
Provide subject matter expertise on network and endpoint security to the Abacus Group Red Team to include reviewing relevant risk assessment and penetration testing reports and recommendations related to cloud vulnerabilities.
-
Collaborate closely with the Red Team to refine and improve remediation recommendations within security testing reports.
-
Internally assess, evaluate, and make recommendations to management regarding the adequacy of the security controls for customer security programs.
-
Researching and keeping up to date with industry compliance regulations, most specifically within the investment and financial services space, including SEC, FCA, FTC, FINRA, and NYDFS.
- Serving as a senior technical resource compliance information security gap assessment for various regulations and frameworks. (NIST CSF, CIS CSC v8, HIPAA, PCI-DSS, SOC2, ISO27001, etc.)
Skills:
-
Proven expertise on the administration, security, and configuration of one major cloud platform (Azure or AWS )
-
Proven expertise in the realm of identity and access management (IAM) leveraging solutions such as Privileged Identity Management (PIM) and conditional access policies.
-
Experience working with cloud automation to include infrastructure as code and compliance as code.
-
Experience configuring and supporting endpoint security tools (EDR, Encryption, Behaviour Analysis)
-
Experience configuring email security controls (such as Defender for Microsoft 365, Proof Point, Mimecast, Abnormal Security, etc.)
-
Proficient in various security solutions, including Anti-virus, HIPS, ID/PS, Full Packet Capture, and Forensics.
-
Strong attention to detail and well organized.
-
Excellent verbal communication and written communication skills, especially when communicating complex concepts to non-technical audiences.
- Highly motivated to continuously learn, grow and innovate.
Requirements
Education:
- Bachelors’ Degree (Masters’ Preferred) in one of the following areas of concentration: Computer Science, Software Development, Information Technology, Cybersecurity.
Experience:
-
7+ years of progressive technology experience with a blend of technical knowledge and a customer-focused mindset including:
-
5+ years of technology leadership experience; demonstrated ability to recruit, mentor, coach, and develop individual contributors
-
3+ years of experience with major cloud hosting service providers, with focus on Azure or AWS
- Strong automation and problem-solving skills and ability to carry tasks and projects to completion
Certifications:
-
Relevant certifications such as CISSP, CISM, CCSP, MS-500, MS-100 or AWS Certified Security Specialty or similar.
- Nice to have: Any CREST Certification