The Governance, Risk and Compliance Security services of AT&T Consulting Solutions is looking for qualified persons to join its team of world-class security and information risk management professionals. This position will be focused on providing guidance around security and privacy regulatory and industry standard requirements to our portfolio of Fortune 500 clients, conducting security risk assessments, and working with the practice leadership to keep abreast of developments in the information security space from both a strategic and technical perspective.
Key job responsibilities will include:
• Conduct information security assessments using industry accepted best practices and approaches to support enterprise business goals and objectives
• Evaluate information security risk in context of business environment and industry requirements
• Consult with clients on information security best practices and provide guidance on cost-effective strategies for implementation of security
• Follow standard methodologies and develop new and innovative processes for delivering information security solutions
• Focus on results and ability to work within tight timelines
• Demonstrated ability to learn and apply critical thinking to a variety of situations
• Design deliverable content to precisely reflect the engagement contract and client needs
• Work with clients to help them understand where improvements could be made, and propose scenarios and solutions to address these areas of improvement
• Build and nurture positive working relationships with clients with the intention to exceed client expectations
Required Qualifications
• BA/BS in information technology, business administration, or related field preferred
• 5-8 years of experience in information risk management, security governance, program development, regulatory and controls experience
• CISSP certification
• CISM, CCSP, CIPP, CISA certification a plus
• Solid understanding of the evolving security and privacy controls environment, regulatory landscape and risk management techniques, principles and practices
• Experience performing risk and compliance assessments and in-depth knowledge of industry standards and regulatory requirements (e.g., HIPAA, HITRUST, HITECH, PCI DSS, FISMA, NIST, ISO 2700X, COBIT, FFIEC, NERC CIP, etc.)
• Experience and firm understanding of the development and implementation of information security policies, standards and related procedures
• Ability to provide risk-based recommendations based upon the size and complexity of the client’s organization
• Ability to educate clients of the risk implications associated with a particular business decision, and communicate the likelihood and impact of those decisions so clients can fully quantify those risks
• Ability to translate complex technical information across all levels of the organization
• Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors
• Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction in a global, matrix-management environment
• Strong business acumen and process-oriented thinking
• Excellent presentation and issue resolution skills
• Written communication skills for use in preparing formal documentation including deliverables, Statements of Work, proposals, white papers, and case studies
• Verbal skills that include the ability to clearly articulate thoughts, be persuasive and to deliver presentation and training to all levels of management
• Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action
• Ability to interface with C-levels, as well as tactical implementers
• Positive customer service and team attitude (helping others when required)
• Able to manage projects from inception to successful implementation
• Able to foster working relationships with the team and clients
• Strong investigative and analysis skills with the ability to handle confidential information
• Ability to travel
• Keeps informed of advances in information security; self-motivator
Additional Qualifications
• Consulting experience required
• Privacy experience a plus
• Understanding of cloud technologies and security is a plus
• Understanding of available security tools and technologies
• PCI DSS QSA a plus
Job ID 2154061-6
Date posted 04/01/2022
More Information
- Address Los Angeles, CA, USA
- Salary Offer $50.000 ~ $100.000
- Experience Level Junior
- Total Years Experience 5-10