Senior Security Advisor - vCISO/Trusted Advisor

About The Position

Requirements

• 10+ years of industry experience with a deep understanding of the cybersecurity space
• Understanding of current information security challenges and solutions
• Prior experience in a cybersecurity Trusted Advisory and vCISO consulting role
• Prior experience in an information technology or cybersecurity leadership role
• 5+ years direct experience with: security frameworks such as NIST CSF, CIS Security Controls, ISO, etc. industry regulatory requirements for security such as HIPAA, PCI-DSS, CJIS, SEC, GLBA, CMMC, etc.
• Relevant certifications such as ISC^2 CISSP, ISACA CISM, GIAC Strategic Planning, Policy, and Leadership (GSTRT) or other relevant GIAC certification
• Excellent written and verbal communication skills
• Ability to self-direct work, orient to action, and truly own the position in a quickly growing and changing environment
• Ability to translate strategic business objectives into tactical actions

Responsibilities

• Lead and perform Trusted Advisory and vCISO engagements to help organizations stand up or improve their security programs.
• Lead and perform security assessments to help organizations understand where gaps exist within their security programs and develop recommendations for remediation.
• Lead and participate in Advisory client projects to include client onboarding, documentation review, client interviews, presentation of findings, and report development and delivery.
• Work closely with clients and the Soteria team to develop deliverables to include, but not limited to: executive summary reports detailed findings and recommendations reports presentation slide decks plans of action and milestones policy and procedure development ad-hoc written reports
• Lead and coordinate with the Advisory team members to achieve excellence in the various business areas of Trusted Advisory and vCISO, Risk/Gap Assessments, Incident Response Readiness, Table Top Exercises, Business Continuity and Disaster Recovery Plans and Policy development.
• Conduct presentations for various types of stakeholders to include technical staff, support staff, executive team, and board of directors.
• Tailor communications to the client’s level of expertise, providing education and information to help them understand the bigger picture and make educated decisions.
• Communicate with prospective and existing clients to understand their security needs and develop engagement plans to satisfy their requirements, focused on the information security aspects of the client's infrastructure.
• Research cybersecurity topics and provide commentary for clients.
• Participate with and support other Soteria business areas when needed.
• Build and maintain close relationships with Soteria’s clients and help them understand the full scope of information available to make informed decisions about their security program.
• Advocate for the client’s well-being, provide expert security advice, and rally internal Soteria resources for the benefit of the client.
• Maintain updated client profile and pertinent information in internal operational support systems.
• Maintain integrity and confidentiality for sensitive client information.
• Partner with Soteria’s leadership team, service line leaders, and other Advisory members to improve service offerings.
• Train and mentor other employees in order to build the company's overall capacity and capability.
• Drive innovation by participating and working with cross-functional teams and stakeholders for the development of new product offerings, roadmaps, capabilities, and services, providing key inputs to operational delivery requirements and support models.
• Assist with advancing the maturation of our existing services by identifying and directly contributing to the creation and management of support processes, knowledge base articles, playbooks, and other documentation management as needed.