Security Advisor – Control Assessor
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security Advisor performing control gap assessments and advising on compliance in cybersecurity. Collaborating with clients to improve security measures and deliver tailored solutions.
Responsibilities:
- Perform control gap assessments to help organizations understand where gaps exist within client security programs.
- Provide project management tasks to ensure assessment delivery is on time and meets the client’s needs.
- Identify gaps in desired control implements and determine appropriate recommendations for clients based on identified regulatory framework and desired controls.
- Review information system security controls and evaluate efficacy.
- Perform detailed audit-like assessments according to cybersecurity-related frameworks.
- Analyze documentation and evidence provided to verify adherence to prescribed cybersecurity-related frameworks.
- Develop and review policies, procedures, and other related documentation to ensure compliance with control frameworks.
- Write clear and well-structured reporting to detail observations and strategic recommendations, at an appropriate level for the intended audience.
- Identify cybersecurity-related regulatory requirements (e.g., PCI-DSS, HIPAA, CCPA, GDPR, NYDFS) as well as gaps in compliance, and develop strategic plans to achieve and maintain compliance.
- Work closely with clients and the Soteria team to develop remediation plans to ensure clients achieve their desired outcomes.
- Document and present findings and recommendations to clients, including C-Suite and board-level executives, in a professional manner.
- Support project team with quality assurance review of deliverables.
- Maintain relationships with clients post-assessment in order to assist and advise as they continue to build and improve their security.
- Maintain competence in security trends, technologies, and practices through self-study and attendance of industry events.
- Conduct interviews with clients and the Soteria team to evaluate a client’s IT environment and security practices.
- Assess and research common business platforms and technologies to deliver recommendations for secure configurations.
- Maintain integrity and confidentiality for sensitive client information.
Requirements:
- 5+ years of industry experience with an understanding of the cybersecurity space.
- 2+ years of experience in a cybersecurity consulting role; specifically conducting IT audits or assessments.
- Familiarity with cybersecurity frameworks such as NIST CSF, CMMC, ISO 27001, and CIS Controls.
- Relevant certifications such as CISSP, CISM, CISA, etc.
- Strong knowledge of Microsoft Suite, Advanced Excel skills a plus.
- Candidates must be legally authorized to work full time within the United States and able to pass a background check.
Benefits:
- Soteria is an Equal Opportunity Employer.
- Competitive salary with health insurance and retirement plans.
- Professional development opportunities.
Similar Jobs
Learning Facilitator, Security and Property Protection
WBS TRAINING employee representing the area of security and protective services. Focusing on competency development of course participants in a home office setting.
Vice President – Technology and Security
Vice President of Technology and Security leading the technology strategy at NSTXL. Overseeing cybersecurity, AI strategy, and enterprise systems for government and defense environments.
Identity Security Manager – GOV
Identity Security Manager leading IAM and PAM operations for PNC's secure payment integration technology. Overseeing access management and driving continuous improvement in security processes.
Identity & Devices Security Architect – Client Consulting
Security Architect at Cyclotron designing Microsoft 365 Identity and Device Management tools. Collaborate with clients to improve security posture across Microsoft ecosystems.
Director of AI Security
Senior Leader for Securing AI responsible for defining and executing AI security strategy. Overseeing risk management for AI systems across the enterprise for leading healthcare technologies.
Cybersecurity Engineer II
Cybersecurity Engineer II responsible for security oversight and compliance of enterprise products and information systems. Collaborating with teams to ensure best security practices and address vulnerabilities.
Director of Cyber Security Architecture, Engineering Services
Director leading Cyber Security Architecture and Engineering at U.S. Fin Tech. Overseeing design and execution while ensuring compliance to cyber security policies.
Senior Security Engineer, GRC Automation
Senior Security Engineer designing and implementing GRC automation workflows at 1Password. Partnering with the Senior Manager of GRC to enhance security operations and compliance.
Lernbegleiter:in Sicherheit und Objektschutz
Trainer for security and protection at WBS TRAINING focusing on participants' competency development and utilizing various teaching methods. Providing specialist education from home office in WBS LearnSpace 3D.
AWS Cloud Security, ICAM Specialist
AWS Cloud Security and ICAM Specialist designing and managing secure authentication for cloud applications. Ensuring compliance with federal identity governance and cloud security principles.
Staff Security Engineer
Staff Security Engineer at Order.co driving security architecture and mentoring engineers. Overseeing technical improvements and complex security initiatives to protect company data.
Information Security Assessor – QSA Certified
Information Security Assessor leading PCI DSS assessments and client engagements in cybersecurity compliance at RSI Security. Collaborating with stakeholders and ensuring compliance with regulatory frameworks.
External Industry Risk & Security Governance Representative – ISO 17021, 17020, 42006
External Industry Risk & Security Governance Representative serving on the Impartiality Committee for RSI Security. Managing governance oversight and ensuring impartiality in certification processes with extensive industry experience.
Analista Blue Team – IBM QRadar
Analista Blue Team at It4us responsible for monitoring and incident response in corporate environments. Engage in high-criticality cybersecurity operations using IBM QRadar.
Especialista em Cyber Segurança – Resposta a Incidentes
Specialist in Cyber Security coordinating incident response operations at Grupo Casas Bahia. Evaluating and optimizing incident response processes and ensuring alignment with security policies.
Mid-level Information Security Analyst
Analista Pleno de Segurança da Informação focusing on CyberSecurity with Azure cloud security at Atlas. Seeking dynamic professionals for significant impact in security maturity.
Cybersecurity Architect – Senior
Cybersecurity Architect leading security architecture for critical operations in Brazil and Canada. Designing robust security solutions and ensuring compliance across complex environments.
Security Consultant
Security Consultant facilitating the day-to-day running of the Intruder platform, delivering consultancy services to customers and managing security projects.
Security Expert
Cybersecurity Consultant specializing in Microsoft Sentinel, Defender, and Purview technologies at Ontinue. Delivering high-impact projects and expert guidance to clients across various industries.
Microsoft 365 Security Engineer
Microsoft 365 Security Engineer responsible for securing and managing Microsoft 365 environments. Join RKD Group to make a positive impact in nonprofit sectors by enhancing security measures.