Principal Information Security Consultant

Greendale, WI, United States

Principal Information Security Consultant First Information Technology Services Designing Information Security Solutions with You in Mind. View company page

First Information Technology Services (FITS) has been providing Information Security, Cloud Computing Security, and IT consulting services since 2000. FITS consultants perform comprehensive assessments from beginning to end to produce meaningful, actionable reports that fit within an organization's comprehensive risk strategy.

Category: Audit & Advisory

Schedule (FT/PT): Full Time

Travel Required: No

Shift: Day

Potential for Telework: Yes, 100%, Local Applicants Preferred

Clearance: None Required

FITS is seeking a Principal Information Security Consultant to support cloud cybersecurity compliance consulting and auditing. Our Principal Information Security Consultants lead engagements where we provide subject matter expertise on contracts supporting cloud service providers large and small who are seeking to achieve or maintain cybersecurity certifications for their cloud service offerings. Team members work diligently and collaboratively to identify risks associated with security gaps in our clients’ cloud services and provide recommendations on how those gaps may be addressed. FITS Principal Information Security Consultants provide guidance to clients regarding security requirements for a variety of compliance frameworks and their technical and operational implementations.

This is a full-time salaried position with compensation based on experience and overall strength of the candidate. The ideal candidate will have meticulous attention to detail, strong communication skills, a broad understanding of IT and cybersecurity topics, and prior experience with security controls.

What you’ll do:

Lead teams through IT system security consultation within cloud-based environments in accordance with NIST 800-53, FedRAMP, CNSSI 1253, and other cybersecurity frameworks

Lead client interviews and assessments of client cloud IT architecture for compliance with security requirements, utilizing strong project management and customer service skills

Function as a subject matter expert of IT security concepts, including vulnerability management, risk assessment, incident response, cloud security, and threat detection

Support multiple projects simultaneously,assisting others in client engagements and junior team member development

Evaluate risks associated with systems or planned changes and recommend mitigationstrategies

Develop IT security deliverables, including security policies, standards, plans, and architectural guidance for clientsystems

Educate clients on the ins and outs of architecting andmaintaining a compliant system efficiently

Required Qualifications:

Clearance: None

Education: Bachelor’s Degree from an accredited academic institution in a relevant field (e.g. cybersecurity, IT, computer science) or equivalent experience

Experience: 10+ years’ experience in cybersecurity, IT audit, or IT/cloud operations

Expert knowledge of at least one cybersecurity control framework such as FISMA, FedRAMP, NIST 800-53, SOC2, ISO 27001, PCI DSS, HITRUST CSF

Experience with or knowledge of major IaaS/PaaS cloud services: AWS, GCP, Azure

Experience with Security Operations

Experience implementing information security principles and risk assessment techniques

Strong project management skills, including experience managing small teams and completing projects and deliverables with minimal supervisory oversight.

Experience managing client relationships

Excellent customer service and communication skills, including verbal, written and interpersonal

Ability to communicate effectively with technical as well as executive audiences

Strong attention to detail, organization, resourcefulness, and critical thinking

Preferred Qualifications:

An advanced degree from an accredited academic institution in a relevant field

Demonstrated ability to share knowledge and develop junior team members

Certified Information System Security Professional (CISSP)

Project ManagementInstitute Project Management Professional (PMP)

Subject matter expert in FISMA, FedRAMP, and/or NIST 800-53 compliance frameworks

Subject matter expert in other cybersecurity frameworks such as SOC2, ISO 27001, PCI DSS, HITRUST CSF

Proficiency in one or more of the following areas: virtualization, data visualization and analysis, automation, systems engineering, and/or cloud administration

Proficiency in one or more of the following areas: system administration, cloud administration, systems engineering, security operations, automation, cybersecurity audit, NOC/SOC analyst

Any of the following certifications or similar: ISACA Certified Information Systems Auditor (CISA)

CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)

CompTIA Cloud+ (Cloud+)

AWS/Azure/GCP specific certifications

The successful candidate for this position will be subject to a pre-employment background check.

Pay Range: $160,000-$180,000

The FITS pay range for this job level is a general guideline only and not a guarantee of compensation or salary . Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, or other law.

First Information Technology Services, Inc. believes that a well-rounded compensation package helps teams members thrive in their work and home life. FITS proudly invests in benefits for its employees, covering 100% of health, dental, and vision coverage for employees and their dependents (including domestic partners), paid time off, holidays, matching 401(K), short/long term disability, and parental leave. FITS also provides up to $5,000 annually for professional development, including reimbursement of job-related training classes, seminars, tuition, and certification expenses.

FITS is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. FITS is committed to the principle of equal employment opportunity for all employees and to provide employees with a work environment free of discrimination and harassment. All employment decisions at FITS are based on business needs, job requirements, and individual qualifications, regardless of race, color, ethnicity, age, religion or belief, sex, sexual orientation, gender identity and/or expression, national origin, family or parental status, disability, military or veteran status, or any other status protected by the laws or regulations in the locations where we operate.

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr