Lead Cybersecurity Consultant
Description:
EOE Statement
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Category
Professional Services
Description
Overview
Seeking an opportunity to build amazing client relationships and solve mission critical, strategic problems? We are ROCIMG, a consulting firm serving the federal government and commercial clients with a focus on strategy, transformation, program management, technology and cybersecurity. We are a rising company with rich client experiences and great references. We develop enduring partnerships with our clients to resolve complex, mission-critical challenges, and help them to accomplish their strategic and operational goals. We have a vision for becoming our customers preferred adviser and provider of digital transformation, business, technology and cybersecurity services. As we continue to grow our business, we are looking for a Lead Cybersecurity Consultant to join our delivery team.
As the Lead Cybersecurity Consultant on our team, you'll use your experience to work with diverse organizations to discover their cyber risks, understand applicable policies, and formulate mitigation plans. You'll develop practice guides, and review technical, environmental, and personnel details from organizations to assess the entire threat landscape. Then, you'll guide your client through a plan of action with presentations, white papers, and milestones. You'll work with your client to translate security concepts, so they can make the best decisions to secure their environment. This is your opportunity to act as an information security subject matter expert while broadening your skills in various emerging concepts and technologies. Join us as we help advance our client's security posture.
Position Requirements
Responsibilities
Review existing documentation of IT controls, business processes, policies, procedures, and management reports for effectiveness and sustainability
Review, document, evaluate, and test manual and automated computer controls
Conduct risk assessments on business and operational processes, procedures, and policies
Interpret assessment results and make conclusions on the adequacy and reliability of controls; develop recommendations to remediate gaps; prepare and present reports as necessary
Advise clients on cybersecurity matters and how to address and mitigate risks
Conduct gap analysis via testing and recommend specific actions to fix gaps in processes and/or process management
Prioritize control projects based on severity of risk and non-compliance
Lead and support governance, risk and compliance related projects, e.g., policy development
Support marketing, sales, business development and proposal activities
Support recruiting, mentoring, team building and other internal operations tasks to strengthen and grow the practice Formal Education & Certification
Minimum Bachelor's degree in Cybersecurity or technology related degree
Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) designations preferred Knowledge & Experience
5+ years of experience with security program assessments, risk assessments, compliance assessments, and mitigation planning
Strong familiarity with cybersecurity governance and controls frameworks, such as NIST CSF, NIST 800-53, CMMC, and ISO 27000
Familiarity with SOX compliance requirements
Ability to carry out assessment interviews, documentation review, and perform analysis across diverse levels of key stakeholders
Ability to develop policies, procedures, and other documentation
Solid experience in testing, evaluating, and documenting controls for compliance
Strong project management skills
Expertise with flowcharting software tools (e.g., Visio)
Hands-on experience building reports, tools and presentations with Microsoft Word, Excel, and PowerPoint
Ability to develop strategy and materials to present to client stakeholders and leadership
Can adapt to shifting priorities, demands, and timelines through analytical and problem solving capabilities
Ability to manage and collaborate with multidisciplinary teams
Reacts to project adjustments and alterations promptly and efficiently
Adept at conducting research into project-related issues and products
Ability to effectively prioritize and execute tasks in a high-pressure environment is crucial
Excellent verbal, interview, and diplomacy skills
Excellent written and oral communication skills Preferred
Experience with cybersecurity strategy development, policy development, control design, control implementation, control management, audit and compliance
Knowledge of threat modeling, kill chain analysis, risk optimization principles
Knowledge of system administration, network, and operating system hardening techniques
Knowledge of system life cycle management principles, including software security and usability
Project management experience Location
Gaithersburg, MD; Hybrid
This is a consulting role and so on site work may be required in the DC-Baltimore Metropolitan region Additional Requirements
Education and certifications will be verified for this position
This position requires successful completion of a background check and employment verification
US citizenship is required for suitability investigation Benefits
Medical, Rx, Dental & Vision Insurance
Company Paid Time Off and Paid Holidays
401(k) Retirement Plan
Skills Development & Certifications
Employee Referral Program
Full-Time/Part-Time
Full-Time
Salary
Salary Range: $115K - $125K, + bonus
Final salary is determined by factors including, but not limited to, relevant work experience, skills and competencies that align to the specified role, geographic location, education and certifications.
Exempt/Non-Exempt
Exempt
Location
Gaithersburg
About the Organization
ROCIMG is focused on being the best idea development, implementation, and management consulting firm that partners with our clients to deliver their preferred future, through the efforts of excellent people while growing the economy. We develop enduring partnerships with our clients to successfully navigate and resolve complex, mission-critical challenges, and deliver results that accomplish their strategic and operational goals.
This position is currently accepting applications.