Senior Cyber Security and IT Risk and Controls
Previous Job
Senior Cyber Security and IT Risk and Controls
Ref No.: 18-03120
Location: NY, New York
Position Type:Direct Placement
Pay Rate : $ 135,000.00 - 150,000.00 /Year

The Cybersecurity and IT Risk Consultant performs Cyber and IT Risk assessments, makes recommendations and implements steps to combat and identify cyber threats and IT risks. The consultant will leverage IT tools, framework and appropriate methodologies to conduct these assignments.

The consultant will also help clients understand and quantify their risk exposures, evaluate strategy or program, and build/maintain risk models. Certain assignments will also consist of advising clients in order to build and implement IT Risks or Cybersecurity controls, assisting in writing documentation, or conducting testing.

Business Communication
  • Coordinates with technology and business groups to assess, implement, and monitor IT-related security risks/hazards.
  • Prepares assessments and cyber threat profiles of current events based on the sophisticated collection, research and analysis of classified and open source information.

Technical Expertise:
  • Must be well versed in the techniques that actors utilize to attack an organization and understand how to pull information from large data sets and how to structure information for reuse.
  • Knowledge of collection and analysis methods as well as knowledge in multiple tools (e.g. Penetration Testing), mostly targeted to data correlation and technical areas.
  • Knowledge of IT Frameworks (COBIT, NIST...).
  • Good Understanding of Software and Database Architecture.
  • Previous Software Development / QA is a plus.

Functional Knowledge:
  • Interprets IT Risk business challenges, identifies trends and recommends best practices.

Business Knowledge:
  • Able to articulate complex Cyber Threats to non-technical business leaders.
  • Ability to train IT security concepts.

  • 4-10 years' experience in Information Technology, Security or Risk from an IT Audit or IT Risk consulting background.
  • Bachelor's Degree or high level of education. Ideally a BA/BS in Information Technology, Security, Cyber Intelligence or similar discipline.
  • Professional accreditations such as CISA or CISSP are a plus.
  • Good knowledge of Excel (macros, vlookups, vlookups returning multiple values, pivot tables)
  • Ability to program is a plus.