• Cyber Security Senior Consultant

    Job Locations US-FL-Tampa | US-GA-Atlanta
    Posted Date 1 month ago (6/14/2018 9:12 AM)
    # of Openings
    Cyber Security Practice
  • Overview

    Focal Point Data Risk delivers a unified approach to addressing data risk through a unique combination of service offerings. Focal Point has brought together industry-leading expertise in cyber security, identity governance and access management, data privacy and analytics, internal audit, and hands-on training services, giving companies everything they need to plan and develop effective risk and security programs. By integrating these services, we provide our clients with the flexible support they need to protect and leverage data across any part of their organization. Simply put, Focal Point is the next generation of risk management.


    Cyber Security Senior Consultants assist with a variety of technical security assessments, including PCI DSS assessments, cyber security assessments, HIPAA compliance assessments, cloud security compliance assessments, BC/DR assessments, and SOC examinations. Senior Consultants work in close coordination with Managers, Directors, and Partners to carry out client engagements.  Senior Consultants are often responsible for performing fieldwork, collecting data, and developing draft deliverables. 


    • Performing technology assessments in a wide variety of business environments, including:
      • Payment Card Industry (PCI) Data Security Standard (DSS) Compliance;
      • Information Technology Operational and Cyber Security Assessments in accordance with industry frameworks, such as COBIT 5, ISO 27001, ISO 27005, NIST Cybersecurity Framework (CSF), and NIST SP 800-30;
      • HIPAA Security Rule and HITECH Act Compliance; and
      • Cloud Security Compliance;
    • Assisting clients with the performance of Business Impact Analyses (BIAs) along with development of business continuity and disaster recovery plans (BCPs and DRPs);
    • Performing Service Organization Control Examinations in accordance with AICPA requirements (SOC 1 SSAE 16, SOC 2 AT 101, SOC 3 AT 101);
    • Providing data classification services;
    • Developing information technology and security policies and procedures;
    • Providing trusted advisory services and guidance to clients that will reduce organizational risk and improve their overall security posture; and
    • Preparing reports and other deliverables that contain strategy, technical analysis, and findings in connection with our advisory and assessment engagements and communicating those results to client management.



    • 2-5 years of relevant experience in the field(s) of IT Audit, Consulting, and/or Security, Privacy or Risk Management.


    • Understanding of or experience with industry and regulatory frameworks and standards, including but not limited to: PCI DSS, NIST SP 800-30, NIST CSF, ISO 27000 series, Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM), Center for Internet Security (CIS) Top 20 Critical Security Controls (CSC), HIPAA Security Rule and HITECH Act, and information security requirements of Generally Accepted Privacy Principles (GAPP)
    • Working knowledge of network, system, database, and application-level security.
    • Advanced written and verbal communication skills.
    • Strong interpersonal skills.
    • Strong analytical skills and the ability to understand complex client business processes.
    • An understanding of the importance of business ethics.
    • The ability to work on multiple projects in parallel over a period of time.
    • Qualities such as professionalism, attention to detail, strong organizational skills, team-focus, dedication, resourcefulness, and an eagerness to learn.
    • Ability to leverage available technical resources and tools to research and expand one's knowledge to enhance client deliverables.
    • Strong proficiency with Microsoft Windows, Mac OS X, and the Microsoft Office suite of products (i.e., Word, Excel, Visio, PowerPoint).


    • Bachelor’s degree in Management Information Systems, Computer Information Systems, Computer Science, Engineering or a related field
    • Obtained or working towards Certified Information Systems Security Professional (CISSP) certification. (Candidates that do not yet possess the CISSP will be required to obtain the certification after hire.)
    • CISA, CIPP, CISM, PCI-QSA, or related certifications are a plus


    TRAVEL REQUIRED: Up to 50%.


    BENEFITS: Medical, Dental, Vision, 401K, generous PTO and some other great perks!  




    * All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin. 

