Senior Consultant - Cyber Security

About The Position

Requirements

• Federal Reserve Board (FRB) / SR 11-7 model risk, SR 20-24 and SR 21-14 cyber and operational resilience guidance, MRAs and MRIAs.
• OCC Heightened Standards (12 CFR Part 30, Appendix D) and OCC cyber risk expectations.
• NY DFS Part 500 — including the 2023 amendments: CISO reporting to the Board, governance, 72-hour incident notification, ransomware payment notification, asset inventory, MFA, encryption, and Class A company requirements.
• FFIEC Cybersecurity Assessment Tool, IT Examination Handbook (Information Security, Business Continuity, Operations).
• SEC Cybersecurity Disclosure Rules (Regulation S-K Item 106, Form 8-K Item 1.05) and Reg S-P amendments.
• NIST CSF 2.0, NIST 800-53, NIST 800-171; ISO/IEC 27001/27002; CIS Controls.
• Cyber Incident Management Hands-on experience leading or coordinating IR for ransomware, business email compromise, third-party breach, insider, and nation-state events.
• Working knowledge of NIST SP 800-61, MITRE ATT&CK, and the practical mechanics of containment, eradication, and recovery in complex enterprise environments.
• Comfort coordinating across legal, privacy, communications, forensics (Mandiant, CrowdStrike, Kroll, Unit 42), insurance, and regulators under time pressure.
• Experience drafting and defending incident notifications and regulator communications under NY DFS Part 500, SEC 8-K Item 1.05, GDPR, and state breach laws.
• Vulnerability Remediation & Patch Management Demonstrated experience designing or remediating enterprise VM programs: scanning coverage, risk scoring (CVSS, EPSS, KEV), SLA design, exception governance, and metrics.
• Operational familiarity with Qualys, Tenable (Nessus / Tenable.io / Tenable.sc), Rapid7 InsightVM, Wiz, Microsoft Defender for Cloud, and ServiceNow Vulnerability Response.
• Patch management at scale across Windows, Linux, network, container, and cloud workloads — including the political work of getting business units to actually patch.
• Identity & Access Management (IAM) Strong grasp of IAM domains: identity governance and administration (IGA), privileged access management (PAM), authentication and federation, joiner-mover-leaver, access certification, and SoD.
• Working experience with at least two of: SailPoint, Saviynt, Okta, Azure AD / Entra ID, Ping, CyberArk, BeyondTrust, Delinea.
• Practical experience reducing standing privilege, designing role models, and remediating common findings (orphaned accounts, toxic combinations, shared service accounts, weak recertification).

Nice To Haves

• SOX ITGC, PCI DSS 4.0, GLBA Safeguards Rule, and SOC 1/SOC 2 attestation work

Responsibilities

• Lead regulatory remediation programs.
• Translate MRAs, MRIAs, Matters Requiring Attention, Consent Orders, and 500.17 (NY DFS) cybersecurity event notifications into prioritized remediation plans with defensible milestones, evidence requirements, and validation criteria.
• Run point with examiners and internal audit.
• Prepare clients for FRB, OCC, FDIC, NY DFS, SEC, and FFIEC exams and continuous-monitoring touchpoints.
• Draft response letters, walkthroughs, and evidence packages.
• Defend the work.
• Drive technical remediation, not just documentation.
• Partner with client CISO, IT Risk, Infrastructure, and IAM teams to actually close findings — not just status-report them.
• Push for engineering outcomes, not slideware.
• Run cyber incident response engagements.
• Lead or co-lead client-side IR for material events: containment strategy, forensic coordination, regulator and law-enforcement notification timing, executive and board communications, and post-incident remediation.
• Strengthen vulnerability and patch management programs.
• Assess current-state VM/patch operations, design risk-based SLAs, build exception governance, and operationalize tooling (Qualys, Tenable, Rapid7, Wiz, ServiceNow VR) so remediation actually happens at SLA.
• Lead IAM remediation workstreams.
• Drive privileged access management, joiner-mover-leaver, recertification, segregation-of-duties, and identity governance improvements.
• Reduce standing privilege and clean up the access debt regulators flag.
• Coach the team.
• Mentor analysts and consultants.
• Review their deliverables.
• Raise the bar on what “good” looks like in a remediation deliverable.
• Grow the practice.
• Contribute to proposals, thought leadership, and methodology assets.
• Identify follow-on work with existing clients.

Benefits

• We blend premium strategy expertise with cutting-edge AI-centric engineering to solve complex, meaningful problems for industry-leading clients.
• We pride ourselves on a high-touch delivery model and a culture that values diverse talent, innovation, and true client partnership — creating an environment where your ideas matter and your impact is visible.
• If you’re looking for a place where you can grow fast, collaborate with exceptional teammates, and help build a company scaling its capabilities and global footprint at speed — Electric Mind is the place to ignite your career.
• The future is bright!
• Electric Mind is committed to diversity in the workplace.
• We are an inclusive employer and welcome and encourage applications from all qualified candidates.
• Applicants’ needs will be won by accommodated during our recruitment and selection process so please advise us if you require accommodation.
• We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information.
• These tools assist our recruitment team but do not replace human judgment.
• Final hiring decisions are ultimately made by humans.
• If you would like more information about how your data is processed, please contact us.