
Information Security Consultant - Philadelphia, PA

BTB Security has a need for an Information Security Consultant to join its professional services team. The Security Consultant role is responsible for delivering a myriad of security projects for our clients. Projects include, but are not limited to, penetration testing, application security assessments, vulnerability assessments, as well as custom security projects designed to meet our clients’ needs.

The role will support delivery of professional services and assist clients in implementing and maintaining practical, effective information security programs that are commensurate with risk and aligned to their specific business strategy. The successful candidate will perform baseline security assessments, establish security roadmaps, and ensure effective execution of client security projects.

Activities associated with this opportunity include:

  • Completing information security assessments aligned with industry frameworks like NIST CSF, ISO 27002, CIS Controls
  • Developing tactical and strategic plans for corrective action
  • Leading security program efforts for our clients and ensuring operational activities are designed and working effectively, including:
    • Policy frameworks
    • Vulnerability Management
    • Security Awareness
    • Vendor Management
    • Incident Response
    • Regulatory compliance
  • Producing client-facing technology and risk updates to all levels of management
  • Evaluating third party risk and mitigation strategies to support client outsourcing plans
  • Evaluating technology solutions to better enable information security programs
  • Supporting clients with their internal, external and customer audit/assessment requirements
  • Developing target operating models for clients in terms of staffing, budget, team structure, and supporting technology

Skills Summary

  • Experience as an information security consultant/manager with a strong working proficiency in the following:
    • Governance, Risk, and Compliance Assessments
    • Establishing effective security programs, such as vulnerability management, identity and access management, asset management and vendor security
    • Developing and maintaining policies, standards and procedures
  • Excellent interpersonal and communication/presentation skills with the innate ability to develop outstanding relationships with your client and work effectively to identify/build/operate Information Security programs and execute specific client deliverables
  • Ability to understand the risks and strategy of each client, review assessment results and implement appropriate security programs
  • Expert level Project/Program Management skills
  • Skills in documenting risk and compliance activities, including preparing management reports

Education / Certifications

  • Degree in Information/Cyber Security, Technology Risk, Computer Science or Electrical Engineering or equivalent experience
  • 7+ years’ experience working in information security, governance, risk, and/or compliance
  • Familiarity with corporate governance functions, risk assessment methodologies, and security frameworks (NIST CSF, ISO 27002, CIS Critical Controls)
  • Possess a relevant security or risk certification (CISSP, GIAC, CRISC)
  • Experience working in, or exposure to, regulatory requirements like PCI-DSS and privacy (HIPAA, GDPR, GLBA)

If you are interested, please contact us and include your résumé.