Senior Security Consultant (GRC) - Dell SecureWorks
Dell Inc.
Senior Security Consultant
Dell SecureWorks is a market leader in information security services with more than 3,600 customers worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, across all industries rely on Dell SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong customer service, award-winning security technology and experienced security professionals makes Dell SecureWorks the premier provider of information security services for any organization. Positioned as a leader of the MSSP industry by several global industry analyst firms, Dell SecureWorks also has received SC Magazine’s "Best Managed Security Service" award and Frost & Sullivan’s North America Security Incident Mitigation and Response Customer Value Leadership Award, among others.
As a result of our market leadership, Dell SecureWorks is experiencing rapid growth in all aspects of our security business.
As a result of our market leadership, Dell SecureWorks is experiencing rapid growth in all aspects of our security business.
We are looking for a Senior Security Consultant with strong experience in Technology, Security, Governance, Risk, and Compliance and the ability to travel up to 75%.
PCI QSA credentials desired, Security Certifications (CISSP, CISM, CISA), a plus.
This individual will be responsible for assessing technical, administrative and physical controls based on various regulations or standards at client sites. Ideally, the candidate should have an IT infrastructure, administration, security background; and excellent communication skills.
Technology and Security Operations experience along with, Administration, or Management is highly desirable.
Essential Duties & Responsibilities
-
Perform Technical and Security Compliance Assessments and other client work related to SecureWorks professional services offerings.
-
Create and recommend remediation for components of security policies, procedures, processes, and standards.
-
Provide specific recommendations for business or technical issues.
-
Create detailed, professional documentation to be delivered to customers both in written and verbal formats
-
Work on multiple projects concurrently, manage time effectively, and require minimal supervision in the execution of projects.
Skills, Knowledge & Abilities
· Must possess a strong technical and security background.
- Knowledge and experience with security technologies , processes, and methodologies such as:
- IP Network architecture and technology, protocols, routing
- Data Management; Sybase; Oracle; MySQL; MS SQL Server; Storage Area Networks
- Firewalls; configuration and rule maintenance
- Remote access facilities; VPN, RAS, thin-client
- Risk Assessment and Risk Management
- Change Management
- Logical, Physical, and Administrative Access Controls
- Physical Security
- Encryption (in relation to compliance)
- Malicious Code: Detection and Response
- Systems and Software Development Life Cycle
- Personnel Security
- Media Controls
- Audit, Logging, and Monitoring Controls
- Vendor Management
- Intrusion Detection and Response
- Business Continuity / Disaster Recovery
- Must possess demonstrable excellence with regard to written and verbal communication skills
- Unquestioned integrity and personal ethics; willingness to provide feedback in challenging situations.
- Experience working with complex, sophisticated clients
- Strong networking and negotiating skills
- Must possess strong analytical capabilities and have a desire to learn new things
- Strong project management skills
- High energy level, comfortable performing multifaceted projects in conjunction with day-to-day activities. Resourceful and Well Organized
- Able to work on multiple projects concurrently, manage time effectively, and require minimal supervision in the execution of a project.
Education and Experience
- 5 to 10 years of Information Technology, Security and Compliance experience required.
- Bachelor's degree required, preferably in computer science or information systems.
- While experience in a number of IT disciplines may provide a solid framework for this position, hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial.
- Technical or professional certifications, CISSP, CISA are a plus
- Must be able to travel up to 75%
- Experience in the following regulations and Frameworks:
- PCI
- ISO 27001/2
- HIPAA
- GLBA
- FISMA
- NERC/CIP
- NIST
See full job details and apply at employer site