Senior Cybersecurity & Compliance Consultant

About The Position

Requirements

• High school degree or GED, required
• Two (2) or more years of experience in IT controls, Cyber, PCI, or security compliance, required
• Proficient in the use of Windows and Microsoft Office Suite, specifically Word, Excel, and PowerPoint, required
• Ability to maintain a high level of confidentiality and professionalism
• Ability to communicate with professionals at all organizational levels
• Capacity to build and maintain strong relationships with BDO and client personnel
• Solid organizational and excellent verbal and written communication skills
• Ability to successfully multi-task while working independently or within a group environment

Nice To Haves

• Bachelor’s degree with a focus in Computer Science, Information Security, Accounting, or Finance, preferred
• Two (2) or more years of prior experience in management consulting, technology advisory, or technology project management, preferred
• Two (2) or more years of experience supporting Security projects such as NIST, HIPAA, CIS, ISO, or PCI-DSS projects, preferred
• Prior experience working within a national consulting organization or professional services, preferred
• Any security certifications such as CISA, CISM, CISSP, or other certifications, preferred
• AWS Cloud Practitioner or Microsoft 365 Certified: Security Administrator Associate, preferred
• Experience with AWS, Google Virtual Private Cloud, Microsoft cloud services, OneDrive, SharePoint and Visio, a plus
• Multilingual capabilities (read, speak and/or write), a plus
• Applied knowledge of technologies for data mapping, risk assessments, third party risk management, compliance tracking, security controls management, a plus

Responsibilities

• Participates in engagements for PCI, data security, compliance and governance frameworks, security vendor assessments and IT controls assessments
• Conducts and assesses compliance and governance requirements based on standard programs to assist the organization in meeting business needs
• Develops assessment and “gap” reports, including observations and possible solutions
• Gains an understanding of the client’s business environment and risk management frameworks and approaches
• Participates in remediation planning and outlining client requirements applicable to frameworks such as PCI, ISO, NIST, and CIS, for example
• Attends client meetings and documents technical client interviews, internal meetings and memorializes reports and memorandum contents
• Budgets time and assists with multiple project requests simultaneously, as well as monitors project tasks and risks
• Travels up to 50% of the time or as necessary
• Other duties as required