Security Risk Consultant - Secureworks - Remote
Austin, TexasJob ID R60594 Date posted Jul. 08, 2019
Security Risk Consultant - Secureworks- Remote
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.
Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
The Security Risk Consultant is part of the Security and Risk Consulting /Governance, Risk and Compliance Team using real-world experience to assist our clients in identifying and remediating risks in their information security programs. This is a client-facing role, working with all levels of staff and leadership in both information technology and business. A successful candidate for this role will be able to present themselves, both in person and in written reports, to all levels of client staff as a subject matter expert in the area of information security governance.
-Perform Security Consultation related to risk management, CSIRT with incident management, security governance and strategic advisory as well as other client work related to Secureworks professional services offerings
-Create and recommend remediation for components of security policies, procedures, processes, and standards
-Provide guidance and recommendations for technical security controls as well as business related issues
-Create detailed, professional documentation to be delivered to customers both in written and verbal formats
-Work on multiple projects concurrently, manage time effectively, and require minimal supervision in the execution of projects
As a managed security provider, Secureworks expects its employees to understand and apply commonly known security practices and possess a working knowledge of applicable industry controls such as NIST 800-53. Employees will be expected to acknowledge their security responsibilities in writing prior to gaining access to company systems. Employees will be required to maintain a working knowledge of local security policies and execute general controls as assigned.
- Minimum of 5 years of experience with delivering information security consulting services including client facing communication, security assessment, documentation review, advisory consultation, program review and program development
- Minimum of 3 years of experience with one or more of the following frameworks: ISO 27001/2, NIST Cyber Security Framework, CIS Critical Security, PCI DSS
- Minimum of 1 or more of the following certifications: CISSP, CISA, CISM
- Bachelor's degree required, preferably in computer science or information systems
- Knowledge and experience with security technologies, processes, and methodologies such as:
- Risk Assessment and Risk Management
- Incident Management and CSIRT operation
- Change Management
- Logical, Physical, and Administrative Access Controls
- Physical Security
- Encryption (in relation to compliance)
- Malicious Code: Detection and Response
- Systems and Software Development Life Cycle
- Personnel Security
- Media Controls
- Audit, Logging, and Monitoring Controls
- Vendor Management
- Intrusion Detection and Response
- Business Continuity / Disaster Recovery
- IP Network architecture and technology, protocols, routing
- Experience working with complex, sophisticated clients
- Strong networking and negotiating skills; strong analytical capabilities and a desire to learn new things
- Able to work on multiple projects concurrently, manage time effectively, and require minimal supervision in the execution of a project
Secureworks (A Dell Technologies Company) is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Secureworks here.