Compliance Services – Security Consultant

NCC Group North America

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group. We are on a mission to make society a safer and more secure place. Our people are the ones who make that mission possible; a global community of talented individuals working together towards a safer future. We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to help us in our mission, as a Security Consultant.

The Opportunity:

NCC Group is always looking for amazing people to join our team. Compliance Services supports clients in improving their information security posture while helping them to cost-effectively meet their legal and regulatory compliance requirements. A Security Consultant (SC) in our Compliance Services team must have the experience, technical skill, consulting finesse, and management skills required to deliver a broad variety of technically demanding projects. This role is for individuals with a moderate level of security consulting experience or those who can immediately contribute to client work.

The Challenge:

As a Security Consultant, your role will focus on running projects, and working around obstacles to meet customer expectations. They should have the technical and soft skills needed to act as members of many NCC Group project teams and deliver more complex projects in a supporting role. Consultants need to be able to understand and explain findings and recommendations based on both technical and business criteria. SCs are expected to:

• Demonstrate skilled experience of two (2) areas of Technical Competency (see below)

• Author final deliverable documentation for engagements

• Lead medium to large complex projects and supervise contributing resources

• Coordinate documentation and lead read outs on medium to large engagements

• Complete specific training goals as agreed upon

Essential Skills:

At NCC Group we are passionate about passionate people. We are looking for an individual who thrives in an ever-changing environment; someone who can work with multiple teams to get the job done and deliver great work.

Required Candidate Attributes/Skills:

• Minimum of 3 years of experience in professional services

Technical Competencies (included, but not limited to):

• Server/desktop operating systems (Windows, MacOSX, Linux, etc.)

• Office productivity tools; Word, Excel, and PowerPoint

• Data analytics; Access, MySQL, etc.

• Programming and/or scripting languages; Python, PowerShell, Linux shell scripting, etc.

• Physical Security Assessment

• Risk Assessment

• Third Party/Vendor Risk Assessment

• Security and Compliance Frameworks

• ISO/IEC 27xxx

• NIST Cyber Security Framework

• NIST Privacy Framework

• NIST SP800-53

• NIST SP800-171

• HIPAA/HITRUST

• PCI DSS

• FedRAMP

Relevant Professional Certifications:

• CompTIA Security+

• GIAC Information Security fundamentals (GISF)

• ISACA CSX-F

• Microsoft Technology Associate (MTA) Security Fundamentals

• Certificate of Cloud Security Knowledge (CCSK)

• ISO 27001 Lead Implementer

• ISO 27001 Lead Auditor

• ISACA Certified Information Systems Auditor (CISA)

• ISC2 System Security Certified Practitioner (SSCP)

• ISC2 Certified Information Systems Security Professional (CISSP)

• Certified Cloud Security Professional (CCSP)

• HITRUST Certified CSF Practitioner (CCSFP)

• HealthCare Information Security and Privacy Practitioner (HICSPP)

Personal Qualities

• High-level of professionalism, even in the midst of stressful engagements

• Outstanding attention to detail

• Ability to lead teams and multi-faceted projects effectively

• Self-motivated and a demonstrated self-starter

• Highly dependable; team player willing to perform any task necessary to help team succeed

• Excellent management skills

• Ability to work on multiple projects concurrently

• Willingness to travel >50%