Senior Cybersecurity Consultant

Senior Cybersecurity Consultant, Advisory Services

The Senior Cybersecurity Consultant will provide a variety of client services as part of LMG Security’s Advisory Services Team. Client services include serving as a virtual CISO, facilitating incident response tabletop exercises, conducting cybersecurity gap and risk assessments, and developing policies and procedures. This position will also contribute to Advisory Team initiatives such as process improvements, research, and new service development.

Essential Functions: 

• Serve as an ongoing virtual CISO to support our clients’ security programs and continuous risk reduction
• Facilitate incident response tabletop exercises
• Conduct advisory and compliance engagements based on the NIST Cybersecurity Framework, HIPAA Security Rule, CIS Critical Security Controls, and other frameworks.
• Work with clients on policy and procedure development and incident response plans.
  
• Document assessment and tabletop exercise outcomes in client reports and visual scorecards
• Distill top findings and recommendations into written and oral client communications
• Assist with training and social engineering engagements
• Establish positive relationships with LMG Security’s clients to support ongoing client relationships
• Research advisory topics, regulations, frameworks, and best practices
• Contribute to development of new advisory services and improvements and updates to existing services 
• Contribute to thought leadership and marketing through research, blogs, articles, and presenting at conferences or to professional organizations 
• Work with the Advisory Services Team on initiatives to support process improvements, organization, consistency, and efficiency 
  

Qualifications: 

Education/Experience: 

• 5-10 years experience as an IT and/or cybersecurity professional 
• Experience presenting training webinars and facilitating tabletop exercises
• Familiarity with security standards and best practices in areas such as access management, authentication, data security, logging and monitoring, application configuration, application security, cloud security, and more 
• Familiarity with one or more industry standard security controls frameworks, such as NIST Cybersecurity Framework, HIPAA Security Rule, ISO 27001, CIS CSC, SOC 2, NIST SP 800-53, CMMC, NIST SP 800-171 
• Professional certification such as Security+, CISSP, or CISA preferred 
• Knowledge or experience with privacy regulations and concepts a plus 
• Experience with ControlMap or similar GRC or compliance-management platforms a plus
• College degree required 

Skills: 

• Motivated to learn new subject matter and technologies 
• Outstanding attention to detail 
• Highly organized 
• Team player with positive attitude 
• Effective and efficient time management and ability to multitask 
• Ability to meet deadlines 
• Excellent written and oral communication skills 
• Impeccable integrity and ethical behavior 
• Proven ability to take initiative and follow through on projects independently, as well as in a team environment
  

Physical Requirements:

• Primary functions require sufficient physical ability to work in an office setting and operate office equipment 
• Sitting for prolonged periods of time 
• Ability to stand, walk, stoop, kneel, crouch, and manipulate (lift, carry, move) light to medium weights of up to 30 pounds 
• Must reside full time in the United States
• Ability to travel up to 10% 
• Appropriate and professional home workspace