Senior Managing Consultant (Cyber Security)
LaBine & Associates
- Costa Mesa, CA
Our client is an eDiscovery Expert Services Consulting firm with offices in Washington, DC and Costa Mesa, CA. They are known by law firms and corporations as trusted advisors in the areas of: Digital Forensics, Litigation Readiness, Information Governance (IG), Structured Data Recovery, Cyber Security and Discovery Services.
Due to growth, we have an immediate need for a senior-level consultant with proven leadership and management capabilities to lead our Cyber practice. The Senior Managing Consultant works closely with the SME Director to provide advisory and consulting services in the area of proactive and reactive cyber security including: Penetration Testing, Incident Response, Secure Network Evaluation, Network Monitoring, and Threat & Risk Investigation. This person will be responsible for managing, mentoring and coaching junior team members and will have proven success in working in a team as well as independently. Strong attention to detail and the ability to exhibit follow-through to understand root causes of issues is important in this role.
- Execute cybersecurity consulting engagements for various clients; ensuring timely progress, the achievement of objectives, and delivery quality
- Perform incident response activities including identification, response, investigation, and remediation of potential breaches and other issues surrounding data security.
- Proactively identify security problems, monitor performance trends, perform upgrades and make recommendations regarding security hardware, software, processes, and procedures as required.
- Assess and investigate client IT security programs and environments via interviews and technical information analyses.
- Understand existing client processes and controls and associated risks with respect to electronic and non-electronic information security.
- Develop client security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.
- Develop Information Security Plans and Policies, customized to client requirements and risk profile.
- Develop incident response plans and procedures, and advise clients on steps to achieve incident response readiness (logging and monitoring configurations, triage and escalation procedures, wider stakeholder involvement, etc.)
- Advise clients on the implications of data privacy matters from a security perspective.
- Provide recommendations on IT solutions to help clients manage information security risk.
- Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models.
- Document results of security risk analyses and formally present to clients.
- Formulate executive level recommendations related to Information Security strategy.
- Understand current regulatory environment and related implications to security management compliance.
- Enhances team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
- Provide day-to day guidance to the team that exemplify our core values, keeping a positive energy and providing motivation that can be replicated throughout the organization
- Provide leadership for smooth execution of IG related tasks on a daily basis
- Participate in the hiring, mentoring, and performance management of the new and existing team members
- Work with the Director of Client Services to provide written and verbal constructive feedback and coaching during Quarterly Conversations and annual performance reviews.
- Plan and facilitate regular cadence team meetings (weekly, bi-weekly, monthly, etc.)
- Track emerging security practices and contribute to building internal processes.
- Work within the boundaries of an overall practice methodology and blueprint.
- Assist with client engagement pursuit initiatives, including the development of client engagement proposals and scoping calls.
- Maintain appropriate documentation to include events such as chain of custody.
- Attend bi-monthly, quarterly and annual company meetings.
- May be asked to perform other duties not listed in this job description as required by business needs.
- Bachelor’s Degree in Information Security/Cybersecurity, Computer Science or related field; Advanced Degree preferred.
- 10+ years in progressively sophisticated roles in information security consulting, coupled with demonstrable experience in various Cybersecurity domains, including risk management, compliance, security strategy, security engineering, and/ or operations
- Security certifications (CISSP, CISA, CISM, GIAC, OSCP) a plus.
- Proven ability to perform penetration testing and vulnerability scanning using industry tools
- Demonstrated skill in collecting and analyzing complex data, evaluating information and systems, and drawing conclusions
- Strong, diverse technical background is a plus and truly exceptional oral and written communications skills
- Ability to maintain strict confidentiality of internal affairs and client work
- Ability to write scripts to automate investigative or security analysis tasks
- The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issue
- This position requires handling multiple engagements with overlapping deadlines. A demonstrated ability to write clear and precise reports on complex technical issues is essential
- A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel
- Proven ability to mentor and train junior staff
- Must be able to travel for client needs
- Flexibility regarding work schedule to meet position needs outside of regular business hours.
- Individuals must be able to perform the essential functions of this position with or without an accommodation
- This position constantly communicates with members of the company, outside vendors, clients and staff. Employee must be able to confidently and accurately communicate in both written and verbal form
Friday, January 31, 2020