Cybersecurity Consultant

Terra Verde LLC
Phoenix, AZ
Sep 15, 2017

Job Description


The day-to-day activities of a cybersecurity consultant are often complex and will vary depending on the client and type of project. You may work alone on some projects, while others will involve a large team and could be based in one location or across various sites.

Typical tasks involve:
  • carrying out research and data collection to understand the client organization;
  • planning and executing specific analysis/discovery tools and efforts to collect data for analysis;
  • conducting analysis on data and collaborating with other team members to establish baselines;
  • developing future-state plans for clients, including budgets, timelines and personnel requirements;
  • interviewing client employees, management team and other stakeholders;
  • running focus groups and facilitating workshops;
  • preparing business proposals and presentations.

Cybersecurity Consultants tend to spend most of their time at client sites and must be able to work independently with minimal supervision as well as be creative and innovative at conducting a high volume of risk analyses while reporting accurate and relevant risks to the appropriate constituents.


Assist clients with remediation planning and ensure identified gaps have been appropriately managed in order to achieve certification

Conduct IT risk analyses and evaluations, and report assessment findings on IT assets and processes as they pertain to risk management or compliance requirements

Coordinate with in-house physical security specialists, digital forensic examiners/data breach experts, network engineers, system engineers and Web application engineers to explore and report on specific security risk issues in more depth as required

Evaluate and propose solutions to mitigate risks under the established risk management strategies

Evaluate risks associated with the use of third-party IT vendors

Implement controls and configurations aligned with security policies and legal, regulatory and audit requirements

Participate in client interviews and requests for information in order to investigate and analyze relevant information regarding client IT environments

Participate in root cause analysis of critical events for improving preventative and reactive processes

Perform ongoing security procedures, including review of patch compliance, configuration management, firewall activity and other system logs, vulnerability (anti-virus, software/firmware patch) management, periodic system intrusion testing, and investigation of exception conditions

Perform technical testing of controls (including technical scanning) for assurance and validation of IT asset compliance

Review compliance regulations and assist with updating organizational compliance initiatives; assist in the development of internal processes for streamlining risk analysis techniques; assist in the development of risk metrics for reporting to senior management and clients

Understand existing client processes and controls with respect to electronic and non-electronic information security

Write and contribute to project plans, author network security engineering level documentation, and develop detailed test plans; other duties as assigned


5+ years of cybersecurity experience

Ability to be resourceful, creative and flexible

Ability to manage processes and associate relationships in multiple locations

Ability to work independently towards goals

Business, computer, or related technical degree from an accredited institution

CISSP, CISM, CISA, CEH, CEPT, PCI QSA, GIAC or similar relevant information security certifications required (at least one, multiple preferred)

Direct experience with IDS/IPS, NextGen and application firewalls, VPN, DLP, data encryption, SIEM, vulnerability assessment and penetration testing, Windows / Linux and database security

Demonstrate self-confidence, energy and enthusiasm

Demonstrated organizational skills

Desire to participate as part of a team

Excellent oral, written, interpersonal, and communication skills required

Experience with common information security management frameworks, such as ISO27001/27002, HIPAA, PCI, FISMA, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT)

Manage time well, correctly prioritizing tasks

Must meet performance standards

Present ideas, expectations and information in a concise, well-organized way

Proven ability to plan, test, and implement security controls

Proven ability to share knowledge, resolve conflict, create consensus, and lead complex projects

Relevant network administration, information security or technical IT audit experience required; consulting experience strongly preferred

Ability to Travel

Travel required based on client requests/commitments.

** Must have a background that would permit the issuance of a security clearance, which includes US citizenship.



Tue, 22 Aug 2017 08:53:22 PDT