• Cyber Security Consultant

    Job Locations US-FL-Tampa
    Posted Date 2 weeks ago(1/4/2019 4:18 PM)
    # of Openings
    Cyber Security Practice
  • Overview

    Focal Point Data Risk is a new type of risk management firm, one that delivers a unified approach to addressing data risk through a unique combination of service offerings. Focal Point has brought together industry-leading expertise in cyber security, internal audit, identity governance and access management, data privacy and analytics, and hands-on training services. By integrating these services, Focal Point provides clients with the scalable support they need to protect their assets and leverage data across their organizations. Simply put, Focal Point is the next generation of risk management.


    The ideal Cyber Security Consultant (“Consultant”) will possess a broad skillset, demonstrating excellent communication and presentation skills, analytical thinking, and a desire for learning that will support sustainable career growth. The Consultant will assist with a variety of technical security assessments, including assessments of applications, databases, servers, networking devices, and security tools and software. The Consultant may also assist with PCI DSS assessments, Business Continuity and Disaster Recovery (BC/DR) assessments, and data breach preparedness reviews. The Consultant will work in close coordination with Cyber Security Practice Managers, Directors, and Principals to carry out diverse client engagements. The Consultant will often interface directly with clients; therefore, the ability to clearly articulate complex and technical results to a general business audience is paramount.


    Essential Functions

    • Performing assessments of technology components, such as applications, databases, servers, networking devices (i.e., firewalls and routers), and security tools such as IDS/IPS, anti-malware, and authentication systems (e.g., Active Directory);
    • Performing technology assessments in a wide variety of business environments for many different engagements, including:
      • Payment Card Industry (PCI) Data Security Standard (DSS) compliance;
      • Information Technology (IT) operational and cyber security assessments, in accordance with industry frameworks such as COBIT, ISO 27001, ISO 27005, and NIST SP 800-30 Cybersecurity Framework;
      • HIPAA Security Rule and HITECH Act compliance; and
      • Cloud security compliance;
    • Assisting clients with the performance of Business Impact Analyses (BIAs), along with the development of BC/DR Plans (BCPs and DRPs);
    • Assisting organizations with all aspects of data breach, information security, Incident Response (IR) preparation and management;
    • Performing Service Organization Control (SOC) examinations, in accordance with AICPA requirements (SOC 1, SOC 2, SOC 3);
    • Providing data classification services;
    • Developing information technology and security policies and procedures;
    • Providing clients with trusted advisory services and guidance that will reduce their organizational risk and improve their overall cyber security posture; and
    • Preparing reports and other deliverables, which contain strategy, technical analysis, and findings in connection with our Practice’s advisory and assessment engagements, also communicating these results to multiple levels of clients’ management.


    Required General Skills/Knowledge

    • Advanced written and verbal communication skills
    • Strong critical thinking and analytical skills, demonstrating an ability to understand and communicate complex client-business processes
    • Personal qualities like professionalism, attention to detail, a team-oriented focus, dedication, resourcefulness, strong organizational skills, and an eagerness to learn
    • An understanding of the importance of business ethics.
    • Demonstrated knowledge of basic information technology and security principles.
    • Ability to leverage available technical resources and tools (online and otherwise) to research and expand personal knowledge when needed
    • Strong proficiency with Microsoft Windows, Mac OS, and the Microsoft Office suite of products, (i.e., Word, Excel, Visio, PowerPoint)
    • Recent university graduates with 0-2+ years experience are encouraged to apply

    Required Technical Skills/Knowledge

    • IT governance, operations, and resource planning
    • Information system architecture and security controls knowledge, including:
      • Firewalls and routers
      • Intrusion detection and prevention systems
      • Operating systems (e.g., Windows, Linux, Unix, iSeries)
      • Remote access systems
      • Applications
      • Databases (e.g., SQL, Oracle, DB2)
    • Symmetric and asymmetric cryptography
    • Systems Development Life Cycle (SDLC) and change management
    • Information system implementation processes
    • Systems administration and computer operations
    • Threat and vulnerability management
    • Incident response preparation and management
    • Data backup and recovery practices
    • Logical access controls (e.g., Active Directory)
    • Physical and environmental security controls

    Travel Requirements

    Up to 50% of this position includes travel.





    Focal Point is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.  If you’d like to view a copy of the company’s affirmative action plan or policy statement, please email hr@focal-point.com.  If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Chelsea Campbell at 813-402-1208 or recruiting@focal-point.comThis telephone line and email address is reserved solely for job seekers with disabilities requesting accessibility assistance or an accommodation in the job application process. Please do not call about the status of your job application if you do not require accessibility assistance or an accommodation


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed