NetSPI is a fast-growing, dynamic company with a fun, friendly working environment headquartered in Minneapolis, Minnesota. Our team members bring creativity, business knowledge, and technical skill to work with them every day. The Sr. Security Risk Assessment for advisory services will be a resource for the delivery of client services in accordance with industry best practices (e.g. ISO, NIST, COBIT) and NetSPI standards and procedures. The ideal candidate must be able to function effectively in multi-disciplined project teams and competently execute compliance-based projects.

Responsibilities include:

- Executing assigned projects based upon the requirements and information security best practices such as ISO, NIST, and COBIT. Prepares risk assessments and framework compliance gap reports.
- Projects may also include HIPAA / HITECH and/or PCI compliance.
- Conducts interviews that elicit factual and specific responses from clients and uses observation to collect data that verifies compliance or non-compliance with assessment requirements.
- Supports project scoping to assure an accurate project contract and Statement of Work (SOW).
- Understands and applies common sense in keeping projects on budget and in ensuring objectives of each engagement are met to the client's satisfaction.
- Provides clients with sound, practical and actionable advice related to multiple security domains.
- Completes quality assurance processes according to NetSPI standards and processes.
- Maintains and archives well-organized and complete working files and supporting documentation.

Requirements:

This position requires an understanding of technology, enterprise security and risk management. Candidates should have experience in IT security and internal/external compliance functions, as well as demonstrated competencies in problem solving, client service, written and verbal communications, and project execution. Candidates would be required to live in, or relocate to, the Twin Cities area in Minnesota.

- Must have a Bachelor's degree. Majors in Computer Science, Engineering, Math, Sciences, or similar disciplines preferred.
- 4+ years of technical security or compliance advisory experience with ISO, NIST, COBIT or other/similar compliance standards (e.g. HIPAA / HITECH, PCI).
- Experience planning and executing projects from "design to delivery".
- Experience with performing Risk Assessments solo.
- Able to describe a methodology for conducting a risk assessment.
- Should possess a CISSP, CISA or similar certification.
- Able to travel upwards of 25%.
- Must adhere to high standards of ethics and integrity and display professionalism.
- Finally, the incumbent should possess strong consulting skills.

Our employee compensation package is competitive with a full range of benefits: company-paid premiums for employee's medical, dental, and life insurance coverage, a generous PTO plan, 401K with company match, reimbursement for cell phone and high-speed internet access, and more.

Risk Assessment, ISO, NIST, COBIT, HIPAA, HITECH, PCI, consulting experience
Dice - 22 months ago