Information Security Consultant
The Information Security Consultant will join a team charged with providing technical guidance to support the Information Security program. The consultant will work with all areas of the business as needed, including information technology, product, compliance, audit and legal to ensure that information assets and process are protected at all levels.
- Review and contribute to design of security controls to cover key information technology applications, infrastructure and capabilities, including: identity & access management; endpoint and server protections, network security, database security, mobile device security, data protection, cloud security and solution development.
- As directed, partner with all areas of the Information Security team and Enterprise Architecture to maintain security standards across the enterprise.
- Build solid working relationships with Information Technology, Legal, Compliance and other business stakeholders, to maintain and improve processes to support security requirements.
- Educate and inform BTS leadership about upcoming information security industry and regulatory changes, emerging threats, and the latest security trends.
- Contribute to the information security knowledge base by maintaining records of collaboration and review exercises, recommendations, findings and other observations gained during consulting activities.
- Contribute to information security policies and standards, procedures and other documentation as needed to improve information security capabilities.
Experience and Knowledge:
- Deep technical knowledge and experience of at least two of the following information technology and security control areas: business applications (web and non-web), system platforms, storage, directory services, end user computing, and network (physical, virtual, internal, cloud).
- Experience collaborating with globally-positioned offices or business partners.
- Demonstrated strength in written and verbal communications.
- 7+ years experience in Information Technology / Enterprise Information Security
- 2+ years experience performing risk assessments or IT audit consulting
- 5+ years SME level work experience in related areas of Information Security Engineering, Architecture, Security Design, Security Operations and IT.
- Working knowledge of security standards frameworks (FFIEC, PCI-DSS, GDPR, COBIT, NIST)
- Understanding of financial industry desired. Payment Card experience preferred.
- Minimum: Bachelor’s Degree in Computer Science or related field.
- Preferred: Advanced degree
- Professional security or technical IT certification preferred (examples may include: CISM, CISA, CISSP, CRISC, MCSA, CCNP, RHCE, RHCA)
- Motivated self-starter
- Superb communicator
0 - 25%