Sr. Information Security Consultant

GreenPages Technology Solutions plans, implements, and manages secure, high-performance digital operating environments for leading companies nationwide.

It is uniquely positioned with extensive technology expertise in security and cloud to deliver complete infrastructure solutions that enable companies to drive business outcomes and compete in the digitally driven economy.

Description

Location: Remote or Portsmouth, NH area

The primary responsibility of the Information Security Consultant is to deliver Information Security services and solutions that improve GreenPages customers’ security posture and ability to preempt and respond to threats and vulnerabilities.

This includes continuous improvement for the confidentiality, integrity and availability of our customers’ technology and data, processes, people and organization and vendors and supply chain.

The Information Security Consultant will work as part of the Security Practice team to provide leadership assistance and solution architecture in both a pre
– and post-sales consultative capacity that includes managed and professional services.
The Information Security Consultant will also work in a supporting role and assist with customer escalations.

This may include security and non-security related services.

Primary Responsibilities:
Deliver security consulting engagements for customers following standard methodologies such as NIST 800-53/171/CSF, SANS CIS Top 20, AWS and Azure Well-architected frameworks, etc.
Assist pre-sales client engagement opportunity initiatives, including the architecture, scoping, and creation of client engagement proposals.
Assist with the development, delivery, and operational support of managed services and managed security services.
Architect and design of security solutions for client environments.

This may include hands on configuration support for customer systems and tools.
Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow, and access control models.
Advise customers on the implications of data privacy matters from a security perspective.
Consult with customer and provide recommendations on IT solutions to help clients manage information security risk.
Formulate executive level recommendations related to information security strategy.
Provide oversight and leadership for other team members during client engagement execution, ensuring timely progress, achievement of objectives, and delivery quality.
Enhances team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
Track emerging security practices, threats and vulnerabilities and contribute to building internal go-to-market strategy.
Continue to develop security skills and certifications necessary for the Information Security Consultant role.

Additional Responsibilities
Support and help build / improve customer security and privacy risk, compliance and regulatory program initiatives such as HIPAA/HITRUST, GDPR, PCI, SOC-2
Support and help build / improve customer resilience and BCP/DR strategy.
Develop incident response plans, procedures, and advise customers on steps to achieve incident response readiness (logging and monitoring configurations, triage and escalation procedures, wider stakeholder liaison, etc.)
Consult during customer engagements to evaluation the processes, controls, and associated risks with respect to information security.
Support delivery of vulnerability and penetration testing across hybrid workloads/assets.
Develop information security plans and policies, customized to client requirements and risk profile.
#LI-Remote

Qualifications

Required Experience:

10+ years in IT Operations or Consulting role
6+ years in progressively sophisticated roles in information security consulting, coupled with demonstrable experience in various Cybersecurity domains, including security strategy, security architecture, security consulting and security operations in hybrid computing environments
Thorough understanding of Information Technology and technical expertise within other technology areas, cloud, datacenter, network, virtualization, and operating systems
Cloud security experience in AWS, Azure, and Microsoft 365 platforms.

Cloud security certification required or within 6 months of hire.
Experience and background in security operations related to SIEM, SOC, EDR, and MDR platforms.
Consulting experience with a mid to large size enterprise customers.
The position requires a strong, diverse technical background and exceptional oral and written communications skills.
The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues.

A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.
This position requires handling multiple engagements with overlapping deadlines.

A demonstrated ability to write clear, coherent, and precise reports on a multiplicity of complex technical issues is essential.
High-level technical skills supporting IT related projects and customers.
Experience in process and methodology development including ability to recognize areas for internal improvement and make recommendations for improvement.
Must be able to work in an extremely fast-paced environment.

Preferred Experience
In depth system knowledge in security related tools necessary for assessments and testing.
Information Security Consultant with relevant security certifications, for example (CISSP, CISA, CISM, GIAC, OSCP, CEH, CNDA, Security+, CCNA, CCNP)
Subject matter expert in Microsoft Azure and Microsoft 365 security
Experience communicating across all levels of an organization with demonstrated experience communicating at an executive level.
Excellent written and verbal communication skills.
Minimum of 4 Year College degree desired, Master’s Degree and above in related field is a plus.
Must possess or be able to quickly gain a thorough understanding of GreenPages service offerings, technical capabilities, and technical direction.
Demonstrated ability to address and resolve escalations.
Demonstrated ability to identify and mitigate risk across projects.

Working Conditions / Environment:
This position is based out of the Kittery, ME or Portsmouth, NH office or remote.

Required travel is expected to be no more than 10%, with the majority being local day trips that do not require overnight stays.

GreenPages is committed to a policy of equal employment opportunity.

GreenPages does not discriminate in any aspect of its employment practices against any qualified applicant or employee on account of race, color, creed, religion, sex, sexual orientation, national origin, disability, marital status, or veteran status.

We encourage you to send us your resume if you are interested in pursuing a career with us.

To all recruitment agencies: GreenPages does not accept unsolicited agency resumes and ask that you do not forward resumes to GreenPages employees, any physical GreenPages location, or any GreenPages email address.

We take no responsibility for any fees related to unsolicited resumes.