$135,000 - $160,000
WithSecure™ delivers research-led cyber security to defend organizations, society and people from real-world attacks and build resilience into their approach. Our people are a mix of technical and creative experts – diverse, talented, and passionate people – working tirelessly to help us advance the industry with new ways of thinking. They lead their own development, in and out of the office. They call the shots when it comes to building a place to call home in our organization.
We have openings for Security Risk Management (SRM) Consultants on our US team, working remotely, based out of New York City. In this role you will help clients identify their cybersecurity risks, assess the effectiveness of their defenses, and recommend improvements to establish a robust security posture.
Key Responsibilities
SRM Consultants are responsible for delivering key services including:
- Cybersecurity Risk and Control Assessments - Provide clients with an understanding of the current state and gaps in their cybersecurity program and provide recommendations for improvement. These assessments are often performed against industry standards and regulatory requirements such as ISO 27000, NIST CSF, NY DFS 500, NIS2, DORA and PCI DSS.
- Threat Modelling and Secure Design Review - Analyze system architecture, identify potential security threats, and review planned security controls to identify any gaps and ensure effective implementation. This activity involves reviewing system design documentation and working closely with development teams.
- CISO as a Service - Act as a trusted advisor to provide clients who lack a dedicated CISO with cybersecurity leadership, expertise, strategic development and program execution to achieve and maintain a strong security posture. In this capacity the consultant serves as a virtual member of the client's C-Suite.
- Incident Response and Crisis Management Tabletop Exercises - Design and facilitate cybersecurity incident simulations to allow clients to practice and test their response procedures in a realistic scenario. Document exercise results and provide actionable feedback for improvements.
In addition, SRM Consultants engage with clients to understand their security needs, design and scope projects, and document proposals for delivery of services.
What are we looking for?
A Successful Candidate Will Have The Following Qualifications
- Strong knowledge of cybersecurity risk management practices and experience performing security assessments
- Proficiency in one or more security frameworks e.g. ISO 27000, NIST CSF, PCI DSS
- Experience performing threat modelling and security design reviews
- Solid understanding of cloud security and strategies to mitigate risks for secure deployment and management of cloud resources
- Deep understanding of application security threats and controls e.g. OWASP Top 10, OWASP ASVS
- Security risk management certifications such as CISSP, CISM, CISA, PCI QSA and ISO 27001 Lead Auditor/Lead Implementer
Additional Preferred Qualifications Include
- Previous consulting experience in a customer facing role
- Cloud provider certifications e.g. AWS Certified Solutions Architect - Associate
- Experience as a member of a SOC and/or Incident Response team
- Experience designing and delivering cybersecurity tabletop exercises
- Program and project management skills
What We Need
We solve complex cyber-security problems daily, and doing so requires an interesting and comprehensive set of skills. To be successful at WithSecure and help our clients with their challenges, you’ll need the following:
A passion for security
Senior Consultants are dedicated to advancing security for the long haul. They are driven to develop their team by blazing new trails, sharing knowledge, and enabling others to grow.
WithSecure’s consultants are invested in what they do. They have a passion for computers, hacking, security and most importantly, solving problems. If this wasn’t your job, it would be your hobby. At WithSecure, we believe in technical excellence: it’s how we demonstrate our passion.
Technical excellence
You’ve earned extensive knowledge through experience and can adapt to different situations as needed. If faced with an unexpected hurdle, you know how to approach the situation to try and improvise an effective solution.
While not always a strict requirement, we want to see any output such as research, publications, projects, and certifications that show off what you can do.
Communication Skills
Communication skills are just as important as your technical abilities. Senior Consultants are adept at explaining what we did, how we did it, and how clients can remediate it. They can present both the bigger picture and the microscopic details of an engagement to a range of audiences from high-level business stakeholders to up-and-coming team members.
Research motivation
WithSecure has a commitment to research. Our consultants get a percentage of their time dedicated to it in order to ensure their skills remain relevant. You should be keen to produce research that pushes the industry forward as well as contribute to WithSecure Labs (https://labs.withsecure.com). Whether research time is used to investigate new software, hardware or protocols, we encourage our team to push the boundaries of what is possible!
While working solo or inspiring others to work as part of a team, Senior Consultants often serve as our most active research champions.
Opportunities to Upskill and Grow
This position offers excellent opportunities for continuous learning, skill development, and career growth. You will work with clients across multiple industries with disparate needs and cybersecurity maturity levels, providing you with exposure to a wide range of security practices and issues. You will also become a member of a diverse and highly talented team with a passion for security. This strong network provides opportunities for collaborative learning and support for taking on new challenges. In this environment, SRM consultants are welcome to expand into more technical activities such as cloud configuration reviews, penetration testing and more.
What Will You Get From Us
One of our biggest priorities is helping you and your family thrive. We're committed to supporting our employees’ happiness, healthiness and overall wellbeing by providing a comprehensive benefits program. Here is what we offer, at a glance:
- Comprehensive, high-quality medical plans with premiums as low as $2 per month
- FSA or Employer-funded HSA with election of qualifying HDHP medical plan
- Free Dental & Vision Coverage
- 401k with 4% match
- 25 PTO days per year
- 12 Company Holidays observed per year
- 16 weeks paid parental leave
- Fertility medical benefits
- Mental health counseling & coaching
- Monthly wellness stipend
- Monthly internet stipend
- Costco or Amazon Prime membership stipend
At this time WithSecure does not provide visa sponsorship.