Security Risk Assessor - Accenture USA Bookmark Share Print 1148 0 0

Listing Description

In this role you will lead and execute enterprise-wide assessments and strategic projects that typically span the entirety of the client’s technology footprint. The ideal teammate will be knowledgeable regarding cybersecurity standards and technologies, experienced with designing and implementing cybersecurity controls and solutions, diligent and thorough in generating written work products, and adept at interacting with clients at all levels of the organization.

REQUIRED

·         Experience providing cybersecurity consulting services or performing significant roles within enterprise security organizations, optimally including hands-on support.

·         Experience performing assessments and/or audits, including the authoring of detailed reports containing findings and recommendations to improve the organization’s cybersecurity programs.

·         Experience developing strategic roadmaps, including the prioritization of high-value security initiatives and rationalization of investments.

·         Experience working across multiple lines of business to improve security controls and defensive mitigations.

·         Experience developing and delivering briefings to senior and executive leadership teams.

·         Knowledge of prevailing industry standard security control frameworks, including NIST, Cybersecurity Capability Maturity Model, CIS Top 20 Critical Security Controls, etc.

·         Knowledge of various security program functions including: Cyber Architecture & Engineering, Security Operations, Incident Response, Cyber Threat Intelligence, Threat & Vulnerability Management, Identity & Access Management, Governance, Risk & Compliance, Security Education & Awareness, etc.

·         Practical understanding of various network, system, and application security technologies including: SIEM, Firewall, IDS/IPS, Anti-Virus, DLP, Email Security Gateway, Web Proxy, Malware Sandbox, Vulnerability Scanner, EDR, WAF, CASB, etc.

·         Experience participating in or leading large technical projects and ensuring contractual requirements are delivered with quality.

NICE TO HAVES

·         Pacific time zone based

·         Deep understanding of specialized industry cybersecurity standards, including PCI, FFIEC CAT, DHS CSET, ISO 27000 series, IEC-62443, DoE C2M2, NERC-CIP, and NRC RG 5.71/NEI 08-09

·         Experience leading technical projects and ensuring contractual requirements are delivered with quality

·         Project management experience 

·         Information security certifications such as CISSP, GCCC, GCIH, GCFE, CISM, CISA, or CEH.

·         Master’s Degree in a technology-related field.