The Senior Security Consultant is required to have strong skills that demonstrate proficiency with cybersecurity, information risk management, data security, cybersecurity and data privacy regulatory compliance auditing, testing, customer service and information assurance. The Sr. Security Consultant will be working directly with clients providing guidance on the confidentiality, integrity, and availability of their data.
- Key member of the teams performing engagements in IT audit, risk management consulting, attestation in HITRUST/PCI/SOC Reporting, etc., and supply finished work product, testing, and reporting.
- Advance your familiarity with pronouncements of the key State, Federal, and International Cybersecurity Regulators.
- Prepare clear and concise working papers and reports to the engagement principal or partner.
- Assess and prepare meaningful and well-written recommendations for inclusion in client correspondence.
- Demonstrate the ability to identify issues and apply data protection principles and auditing procedures.
- Work independently as needed on client projects in and out of the office.
- Develop positive working relationships with clients.
- Develop an ability to effectively respond to questions from supervisors and clients.
- Strengthen your ability to actively listen and question appropriately to gain full understanding.
- Assist in the preparation of reports and testing outcomes.
- Effectively apply technology tools and software in assigned areas.
- Recognize and proactively support the fact that the firm is in the business of providing quality client service.
- Anticipate problems/issues and keep the senior/manager informed of engagement/project status.
- Comply with firm practice management and quality control procedures and systems.\
- Develop awareness of budget constraints vs. quality of work needed on engagements.
- Contribute to fostering an environment of teamwork.
- Maintain and promote ethical and firm values in conducting internal and external business activities.
- Project management
- Computer proficiency and ability to effectively use firm technology
- Skilled in Microsoft Office suite
- Excellent verbal and written communication skills (i.e., client presentations, industry articles, etc.)
- Exceptional customer service skills
- Experience performing internal or external audits of information technology/cybersecurity controls
- Ability to work outside of normal business hours at peak client service delivery times
- Desire to seek involvement in professional and community organizations
- Ability to develop and sustain business relationships for the purpose of increasing the firm’s client base
- Ability to be autonomous and to handle and manage multiple priorities
- Strong organizational, problem-solving, and analytical skills
- Compliance skills in relation to key legislations such as the Health Insurance Portability & Accountability Act (HIPAA), The Sarbanes-Oxley (SOX) Act of 2002, Payment Card Industry (PCI), The National Institute of Standards and Technology (NIST) and The Gramm-Leach Bliley Act (GLBA) and compliance assessments.
- Flexible approach to tasks that may change daily.
- Analytical ability to break down problems into constituent parts.
- A bachelor's degree in computer science, IT, Accounting, Cybersecurity, or relevant majors/minors or commensurate experience.
- Certification in one or more of the following; Certified Information Systems Security Professional (CISSP) Systems Security Certified Practitioner (SSCP), Certified Information Security Manager certification (CISM), Certified in Risks and Information Systems Control (CRISC), Certified Protection Professional (CPP), PCI QSA, Certified Information Systems Auditor (CISA), Professional (PSP), Security+ and CSA+.
- Three plus years' experience of working on information security/risk management projects for major organizations is desirable.
- Solid understanding of security assessment and management is required.
- Security design, architecture and implementation is necessary.
- Compliance management is essential.
- Great project management and communication skills is a requirement.
- In-depth knowledge of data protection regulations and technology supporting fraud detection.
HOURS OF OPERATION:
- Our office hours are 8:00 a.m. to 5:00 p.m.
- Our summer hours are 8:00 a.m. to 5:00 p.m. Monday through Thursday, and 8:00 a.m. to noon on Friday.
- The ability to work additional hours during busy season is critical, but the rest of the year, flexibility is key.
In the fast-changing accounting industry, The Bonadio Group is always on the cutting edge of growth and innovation. Top-rated employee policies keep our workforce energized and advancing, and because of our many teams and specialty services, we offer more paths to partnership, including non-traditional arrangements. Add to that our robust training and mentoring programs, and the opportunities for growth really add up. Truly, at Bonadio, your trajectory is limitless. We are the nation’s 38th largest CPA and consulting firm, and the biggest in Upstate New York. Get on board, grow with us, and find your path to partnership. Apply today!
We are an Equal Opportunity/Affirmative Action Employer