POSITION LOCATION
This position can be based in Houston, Dallas or Waco, TX.
Travel to non-home office regularly and/or as requested.
INDUSTRY EXPERIENCE
The ideal candidate will have 1-3 full years of prior full-time experience working within a national consulting firm or professional services company.
JOB DESCRIPTION
Cybersecurity and Data Privacy Consultant supports project teams and engagements designed to assist clients in meeting data privacy compliance, cybersecurity practices, risk management, and implementing or managing various governance frameworks that support these domain areas relevant to their business. This role supports consulting methodologies, solutions and practices that include but are not limited to:
- Assessing programs, IT systems, and business processes
- Contributing to team assignments and drafting documentation such as weekly status reports, project plans, developing policies, and drafting components of programs
- Supporting project team analyses and evaluations as a result of assessment and audit findings
- Contributing to risk determinations, identifying compliance gaps, and capturing observations as defined by various IT Security, Privacy and Cyber frameworks
In addition, this role may also assist client teams with the implementation of policy, procedures, and governance practices to manage risk and achieve regulatory compliance for IT/Cybersecurity, Data Privacy, or Information Governance programs.
REQUIRED EXPERIENCE
- Bachelor’s degree with a focus in Computer Science, Information Security, Accounting, or Finance.
- One to three years of full-time experience in assessing, building, or implementing cybersecurity frameworks (NIST, ISO, CIS) and/or data privacy frameworks (HIPAA, GDPR, GLBA, or PCI).
SKILLS AND KNOWLEDGE
- IT Security or Privacy related certifications preferred, such as those provided by the International Association of Privacy Professionals (e.g., CIPM, CIPP/US or CIPP/EU), or by ISC2 (e.g., CISA, CISM, CISSP).
- Experience with AWS, Google Virtual Private Cloud, Microsoft cloud services, OneDrive, SharePoint, and Visio preferred.
- The ability to maintain a high standard of professionalism and confidentiality.
- The capability to communicate with professionals across all levels of an organization.
- Ability to establish and preserve an excellent relationship within Gray Reed and its clients.
- Strong organizational abilities and superb written and verbal communication skills.
- The capacity to successfully multitask whether working alone or in a group setting.
- Practical familiarity with technology for managing security controls, third party risk, data mapping, risk assessments, and compliance monitoring.
- Ability to travel (up to 20%), as required, to complete projects on a domestic and/or global scale.
- Exhibits a keen ability to define problems, collect data, establish facts, and draw valid conclusions. Quick to interpret technical and/or abstract data and define solution design.
DUTIES AND RESPONSIBILITIES
- Engages in the development and delivery of data privacy, cybersecurity, risk & compliance solutions including building programs, assessing or auditing existing programs/practices.
- Practical experience in the application of IT Security and Privacy governance frameworks, program assessments or audits vendor risk analyses, and supporting client engagements within one more sectors: finance, healthcare, energy, retail, education, manufacturing or government.
- Acquires knowledge of risk management frameworks and techniques as well as the business Identifies any potential problems or technical difficulties and, after they have been verified, notifies, and works with the project team, the client and other stakeholders to resolve issues.
- Drafts "gap analyses" and assessment results with observations inclusive of recommended remediation and mitigation steps.
- Prepares presentations for client meetings such as weekly status reports, kickoff decks and final reports.
- Participates in remediation planning by outlining client requirements that relate to frameworks such as GDPR, PCI, Nymity, ISO, NIST, and CIS.
- Participates in internal project team working sessions, stakeholder discussions, and client meetings and records internal dialogues, client interviews, and preserves report and memorandum contents.
- Builds and preserves connections with project team members and employees of clients.
- Other duties as required.
DIRECT REPORTS AND RELATIONSHIPS
This position reports to Principal, Cybersecurity, Data Privacy & Security Advisory.
This position works alongside Managing Principal, Gray Reed Advisory Services.
PERSONAL ATTRIBUTES
- Ability to work collaboratively and foster a team-oriented environment.
- Ability to think strategically and execute tactically.
- Excellent analytical and problem-solving skills.
- Strong work ethic and commitment to delivering exceptional client service.
- Self-motivated with the ability to identify and capitalize on new business opportunities.
- Effective written and verbal communication skills.
SALARY / CASH COMPENSATION
Salary commensurate with experience with expected range of $65,000 - $85,000. Bonus opportunities.
BENEFITS
Benefits package includes medical, dental, vision, short and long-term disability, life insurance, and 401k.
Job Type: Full-time
Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Life insurance
- Paid time off
- Vision insurance
Education:
Experience:
- Cybersecurity: 1 year (Preferred)
- data privacy: 1 year (Preferred)
Ability to Commute:
- Houston, TX 77056 (Required)
Ability to Relocate:
- Houston, TX 77056: Relocate before starting work (Required)
Willingness to travel:
Work Location: In person