Information Security Consultant - ISO 27001

Pivot Point Security, United States

Experience: 1 Year
Salary: 0 - 0
Traveling: No
Telecommute: No
Qualification: As mentioned in job details
Total Vacancies: 1 Job
Posted on: Mar 10, 2021
Last Date: Apr 10, 2021

Job Description

Are you an experienced lead information security auditor/implementer? Have you authored policies? Have you worked as a consultant before?

If you also thrive in a dynamic environment, like challenges and believe work and fun are not mutually exclusive, then maybe you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLSv1.2.

We are looking for the right person with ISO 27001 experience to join our team as a GRC (Governance, Risk Management and Compliance) Consultant to work in a collaborative fashion with our clients to help them manage Information Security & compliance risk as well as prove the same to management and customers. While we may consider other types of implementer/auditor experience, our primary preference for this role is those who have led ISO 27001 and/or SOC 2 audits. Experience with Privacy (ISO 27701/GDPR/CCPA) and/or Business Continuity (ISO 22301) is a plus. In this role, you will spend 10 - 35% of your time at client sites (post Covid, of course!) and the rest of your time working from wherever you work most effectively.

We expect this person will:

  • Track and ensure adequate and timely resolution to all audit and risk assessment findings or issues relating to information security, and never miss a deadline.
  • Effectively and appropriately communicate audit engagement reports and recommendations to client management and resolve any client concerns or questions.
  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by managing client relationships.
  • Ensure 100% certification success rate on ISMS projects.
  • Earn and gain the trust and respect of the PPS team.
  • Grow into a role with increasing responsibility.

Requirements

The right person HAS the following characteristics (these are non-negotiable):

  • Personal integrity, a highly transparent nature, and a mind-set of mutual benefit.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high Self-Expectation (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child’s first school play and that it does not matter if the report gets done at 3:00 PM or 10:00 PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
  • The ability to work from anywhere as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Significant experience leading information security engagements with a preference for ISO 27001 and SOC 2 audits or assessments.
  • Experience leading, or knowledge of, implementations.
  • Experience authoring policies and procedures.
  • Significant experience working as a consultant working in a consulting firm managing multiple client projects.
  • Significant knowledge of ISO 27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO 27001 Information Security Management System.
  • Solid knowledge of the NIST 800-171/FISMA/CMMC framework and its derivatives (e.g., FedRAMP, CMS Information Security Program) as many of our clients serve government customers.
  • Knowledge of ISO 27701/CCPA/GDPR Privacy frameworks.
  • Experience with ISO 22301 and Business Continuity.
  • Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
  • Experience with and knowledge of Governance, Risk Management and Compliance.
  • A desire to take on roles of increasing responsibility including defining services, managing teams and coordinating resources.


The right person often has the following attributes (these are negotiable):

  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CI

Pivot Point Security

Information Technology and Services - Chicago, Illinois, United States