• Cyber Security Manager

    Job Locations US-FL-Tampa | US-GA-Atlanta
    Posted Date 1 month ago(6/14/2018 9:11 AM)
    ID
    2018-1326
    # of Openings
    1
    Category
    Cyber Security Practice
  • Overview

    Focal Point Data Risk delivers a unified approach to addressing data risk through a unique combination of service offerings. Focal Point has brought together industry-leading expertise in cyber security, identity governance and access management, data privacy and analytics, internal audit, and hands-on training services, giving companies everything they need to plan and develop effective risk and security programs. By integrating these services, we provide our clients with the flexible support they need to protect and leverage data across any part of their organization. Simply put, Focal Point is the next generation of risk management.

    Responsibilities

    The Cyber Security Manager is responsible for managing and performing engagements related to a variety of technical assessments.  Managers must have deep subject matter expertise, the ability to interface directly with clients to lead successful and positive engagements, and the capacity to manage and mentor teams of junior resources.  The Cyber Security Manager is an integral part of delivery team and is responsible for reviewing draft deliverables, building relationships with client contacts, and providing technical guidance and consulting during engagements.  Because much of the work takes place on-site at client locations, frequent travel will be required.

    • Managing and performing technology control assessments in a wide variety of business environments, including:
      • Payment Card Industry (PCI) Data Security Standard (DSS) Compliance
      • Information Technology Operational and Cyber Security Assessments in accordance with industry frameworks, such as COBIT 5, ISO 27001, ISO 27005, and NIST SP 800-30/Cybersecurity Framework (CSF)
      • HIPAA Security Rule and HITECH Act Compliance
      • Cloud Security Compliance
    • Assisting clients with the performance of Business Impact Analyses (BIAs) along with development of business continuity and disaster recovery plans (BCPs and DRPs)
    • Managing and performing Service Organization Control Examinations in accordance with AICPA requirements (SOC 1 SSAE 16, SOC 2 AT 101, SOC 3 AT 101)
    • Providing data classification services
    • Developing information technology and security policies and procedures
    • Providing trusted advisory services and guidance to clients that will reduce organizational risk and improve their overall security posture
    • Preparing and reviewing reports and other deliverables that contain strategy, technical analysis, and findings in connection with our advisory and assessment engagements and communicating those results to client management
    • Managing staff in the completion of engagements on time with limited necessary revision
    • Maintaining an up-to-date technical acumen
    • Leading client meetings and presenting at networking events (e.g. (ISC)2, ISACA, IAPP)
    • Assisting with business development activities, as a subject matter expert, including proposal development and sales calls
    • Preparing proposals and statements of work for future engagements
    • Assisting in the growth of the team by identification of resources  

    Qualifications

    SUPERVISORY RESPONSIBILITIES:

    • Managing teams of consultants and senior consultants in client engagements
    • Training, mentoring, and development of assigned team consultants

    EXPERIENCE:

    • 4+ years of relevant experience in the field(s) of IT Audit, Consulting, and/or Security, Privacy or Risk Management.

    GENERAL SKILLS:

    • Understanding of or experience with industry and regulatory frameworks and standards, including but not limited to: PCI DSS, NIST SP 800-30, NIST CSF, ISO 27000 series, Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM), Center for Internet Security (CIS) Top 20 Critical Security Controls (CSC), HIPAA Security Rule and HITECH Act, and information security requirements of Generally Accepted Privacy Principles (GAPP)
    • Working knowledge of network, system, database, and application-level security
    • Advanced written and verbal communication skills
    • Strong interpersonal skills and the ability to foster close professional relationships with clients
    • Strong project management skills and the ability to manage multiple projects and teams in parallel
    • Strong analytical skills and the ability to understand complex client business processes
    • An understanding of the importance of business ethics
    • Qualities such as professionalism, attention to detail, strong organizational skills, team-focus, dedication, resourcefulness, and an eagerness to learn
    • Strong proficiency with Microsoft Windows, Mac OS X, and the Microsoft Office suite of products, (i.e. Word, Excel, Visio, PowerPoint)

    TECHNICAL SKILLS:

    • IT governance, operations, and resource planning
    • Information system architecture and security controls, including:
      • Firewalls and routers
      • Intrusion detection and prevention systems
      • Operating systems (e.g., Windows, Linux, Unix, iSeries)
      • Remote access systems
      • Applications
      • Databases (e.g., SQL, Oracle, DB2)
    • Symmetric and asymmetric cryptography
    • Systems Development Life Cycle (SDLC) and change management
    • Information system implementation processes
    • Systems administration and computer operations
    • Threat and vulnerability management
    • Incident response preparation and management
    • Data backup and recovery practices
    • Logical access controls (e.g., Active Directory)
    • Physical and environmental security controls

    EDUCATION:

    • Bachelor’s degree in Management Information Systems, Computer Information Systems, Computer Science, Engineering or a related field;
    • Obtained or working towards Certified Information Systems Security Professional (CISSP) certification. (Candidates that do not yet possess the CISSP will be required to obtain the certification after hire.)
    • CISA, CIPP, CISM, PCI-QSA, or related certifications are a plus.

     

    TRAVEL REQUIRED: Up to 50%.

     

    BENEFITS: Medical, Dental, Vision, 401K, generous PTO and some other great perks!  

     

     

    * All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin. 

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed