CBIZ
Information Security Senior Consultant (Remote)
CBIZ, Phila, Pennsylvania, United States, 19117
Status Category:Full-Time
Exempt/Non-Exempt:Exempt
Scheduled Hours Per Week:40
Job Code:FS205RA
CBIZ Risk & Advisory Services offers consulting, outsourcing and co-sourcing services to public and private companies of all sizes by providing national caliber expertise combined with highly personalized service. As part of CBIZ, (NYSE: CBZ), one of the top financial services providers in the country, CBIZ Risk & Advisory Services provides internal audit, Sarbanes-Oxley compliance, cybersecurity, supply chain management, ESG and risk consulting services to leading businesses across North America.With over 120 offices and nearly 7,000 associates throughout the U.S. CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level.CBIZ is honored to be the recipient of several national recognitions for 2023:Best and Brightest Companies to Work for in the NationTop Workplaces USATop Workplaces - Financial Services IndustryBest and Brightest Companies in WellnessGreat Place to Work Certification
Together, CBIZ and CBIZ CPAs are ranked as one of the top providers of accounting services in the United States. CBIZ CPAs is an independent CPA firm that provides audit, review and attest services, while CBIZ provides business consulting, tax and financial services. In certain jurisdictions, CBIZ CPAs operates under its previous name, Mayer Hoffman McCann P.C.As an Information Security Senior Consultant, you will be an influential member of our Cybersecurity consulting practice. You will have the opportunity to work on a range of cybersecurity advisory projects.As an experienced cybersecurity professional, you will develop superior relationships with the leadership and personnel of our client organizations to directly impact their success by delivering high quality services. You will have the opportunity to work with some of the most entrepreneurial companies in the nation - the fast-growing, innovative companies that are the backbone of business across America. You have the opportunity to develop a deep understanding of your client's business, goals and needs, and increase your functional expertise.CBIZ has a growing Risk and Advisory Services National Cybersecurity Practice. With the recent acquisition of two firms that employed cybersecurity consultants, the team has come together as "OneCyber" practice and includes a large client base and many areas of cybersecurity focus. CBIZ is looking for consultants that want to help our clients get better by reducing risk. We do this through a multitude of engagements, ranging from hands on implementation assistance to cybersecurity reviews, risk assessments, audit and security assessments. CBIZ utilizes industry standard frameworks and other best in class technologies to assess our clients' environments. (e.g., NIST CSF, ISO 27001, CMMC, HIPAA, CIS CSC)The Information Security Senior Consultant will contribute to client projects and project teams to provide professional services to the firm's clients. Duties will include involvement in a variety of cybersecurity projects such as infrastructure, cloud and security tools analysis, architectural design, risk management. Activities will include documentation and analysis of client technical environments, -development of security policies and procedures, onsite and remote reviews of technology architecture, including operations technology systems such as SCADA/ICS and communicating findings and recommendations to clients in both writing and verbally.This individual will demonstrate technical and professional knowledge of cybersecurity practices. He or she will play an active role in developing and coaching less experienced team members, providing guidance and timely feedback.Essential Functions and Primary DutiesPerform security assessment and compliance activities using NIST, CSC, ISO and other related frameworks.Perform security architecture review (SAR) to ensure design best practices and standards are met.Create workpapers and reports accurately portraying client evidence.Engage with client projects for a variety of clients and industries, consistently delivering quality client services within expected timeframes and on budget.Work with sense of urgency and the ability to shift focus as needed throughout the day.Identify, evaluate, and effectively communicate significant exposures to security risks, breakdowns in controls, and other related concerns.Communicate in writing findings to both technical and non-technical audiences.Successfully balance multiple projects at once, regularly communicating status and issues to CBIZ management and Managing Directors.Support the research of emerging technology, requisite security requirements, and emerging threats and develop a way-forwards to meet organizational goals.Research security standards, security systems and authentication protocols, keep abreast with latest trends in the cybersecurity industry.Understand effective information technology processes, including best practices and internal control approaches.Interact with and effectively communicate with clients or other third parties as necessary.Manage conflict with clients and/or team members in a professional, confident matter.Develop relationships with team members across the firm to better serve client needs.Assist the firm through participating in training, company-wide projects, and human resource initiatives.Accurately represent and record project time and expenses.Travel is estimated to be less than 20-25%.
Preferred QualificationsMinimum of 3 years of hands-on experience in a technology or cybersecurity-based industry.A Bachelor's degree in a technology or business field or equivalent work experience.Experience in a client facing role.A relevant professional certification such as Network+, Security+, CCNP, CISSP, CISA, CISM, Microsoft MCSE, Azure, and/or other technical certifications is a must.Strong knowledge of and hands on experience with various security architectures (Zero Trust Architecture) and infrastructure technologies required.Hands on configuration experience with networking technologies such as: next generation firewalls, switches, routers, and wireless controllers with working knowledge of TCP/IP addressing and protocols, ACLs, routing, VLANs, segmentation.Hands on experience with vulnerability scanning tools (e.g.,Qualys) a plus.Functional knowledge and administrative experience with PC, server, virtualization, and storage systems.Knowledgeable in technologies such as: Active Directory, Federation, Multifactor Authentication, SSO, IDS, IPS, Host Based Firewalls, WAF (Web Application Firewall), DNS, DHCP, HTTPS/TLS, SSH, SMTP, Syslog, Key Management, PKI, Tokens, SAML, OAUTH.Security experience with cloud-based technologies such as Microsoft 365, Azure, AWS.Understanding of cryptographic trust based systems a plus.Functional knowledge of identity, authentication and authorization systems.Basic understanding of database security.Knowledgeable in compliance standards like: HIPAA, CMMC, PCI, CCPA, Subscriber PII, GDPR preferred.Experience with SIEM technologies preferred.Experience with industrial control systems or IoT technologies is a plus.Proficient at the secure software development life cycle and DevSecOps is a plus.Coding experience preferred but not required.Strong skills in Microsoft Office applications.Possess integrity, principles, and work ethic.Strong analytical, interpersonal, and verbal/written communication skills.Ability to read, write, and speak fluent English.Applicants must be able to pass a background check.
Minimum QualificationsBachelor's degree in relevant field3 years of relevant work experienceAchieve professional certifications relative to area of expertise, must have and preserve required licensesMust possess analytical skillsProficient use of applicable technologyDemonstrated ability to communicate verbally and in writing throughout all levels of organization, both internally and externallyMust be able to travel based on client and business needs
The annual salary target for this job in this market is $90,000-$125,000. The specific compensation for this role will be determined based on the education, experience, and skill set of the individual selected for this position.The compensation above is not representative of an employee's total compensation. Beyond income, you have access to: comprehensive medical and dental insurance, retirement savings, life and disability insurance, health care and dependent care reimbursement accounts, certification incentives, education assistance, referral program and much more.The application window is anticipated to close on or before December 31st, 2024.#LI-HP1 #LI-Remote #CBIZAdvisoryCBIZ.Jobs Category: AdvisoryREASONABLE ACCOMMODATIONIf you are a qualified individual with a disability you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. You can request a reasonable accommodation by calling 844-558-1414 (toll free) or send an email to accom@cbiz.com.EQUAL OPPORTUNITY EMPLOYERCBIZ is an affirmative action-equal opportunity employer and reviews applications for employment without regard to the applicant's race, color, religion, national origin, ancestry, age, gender, gender identity, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. If you would like more information about your EEO rights as an applicant under the law, please visit these following pages EEO is the Law and EEO is the Law Supplement.PAY TRANSPARENCY PROTECTION NOTIFICATIONNotice to Third-Party AgenciesCBIZ does not accept unsolicited resumes from recruiters or agencies. Any staffing/employment agency, person or entity that submits an unsolicited resume to this site does so with the understanding that the applicant's resume will become the property of CBIZ. CBIZ will have the right to hire that applicant at its discretion and without any fee owed to submitting staffing/employment agency, person or entity.
Exempt/Non-Exempt:Exempt
Scheduled Hours Per Week:40
Job Code:FS205RA
CBIZ Risk & Advisory Services offers consulting, outsourcing and co-sourcing services to public and private companies of all sizes by providing national caliber expertise combined with highly personalized service. As part of CBIZ, (NYSE: CBZ), one of the top financial services providers in the country, CBIZ Risk & Advisory Services provides internal audit, Sarbanes-Oxley compliance, cybersecurity, supply chain management, ESG and risk consulting services to leading businesses across North America.With over 120 offices and nearly 7,000 associates throughout the U.S. CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level.CBIZ is honored to be the recipient of several national recognitions for 2023:Best and Brightest Companies to Work for in the NationTop Workplaces USATop Workplaces - Financial Services IndustryBest and Brightest Companies in WellnessGreat Place to Work Certification
Together, CBIZ and CBIZ CPAs are ranked as one of the top providers of accounting services in the United States. CBIZ CPAs is an independent CPA firm that provides audit, review and attest services, while CBIZ provides business consulting, tax and financial services. In certain jurisdictions, CBIZ CPAs operates under its previous name, Mayer Hoffman McCann P.C.As an Information Security Senior Consultant, you will be an influential member of our Cybersecurity consulting practice. You will have the opportunity to work on a range of cybersecurity advisory projects.As an experienced cybersecurity professional, you will develop superior relationships with the leadership and personnel of our client organizations to directly impact their success by delivering high quality services. You will have the opportunity to work with some of the most entrepreneurial companies in the nation - the fast-growing, innovative companies that are the backbone of business across America. You have the opportunity to develop a deep understanding of your client's business, goals and needs, and increase your functional expertise.CBIZ has a growing Risk and Advisory Services National Cybersecurity Practice. With the recent acquisition of two firms that employed cybersecurity consultants, the team has come together as "OneCyber" practice and includes a large client base and many areas of cybersecurity focus. CBIZ is looking for consultants that want to help our clients get better by reducing risk. We do this through a multitude of engagements, ranging from hands on implementation assistance to cybersecurity reviews, risk assessments, audit and security assessments. CBIZ utilizes industry standard frameworks and other best in class technologies to assess our clients' environments. (e.g., NIST CSF, ISO 27001, CMMC, HIPAA, CIS CSC)The Information Security Senior Consultant will contribute to client projects and project teams to provide professional services to the firm's clients. Duties will include involvement in a variety of cybersecurity projects such as infrastructure, cloud and security tools analysis, architectural design, risk management. Activities will include documentation and analysis of client technical environments, -development of security policies and procedures, onsite and remote reviews of technology architecture, including operations technology systems such as SCADA/ICS and communicating findings and recommendations to clients in both writing and verbally.This individual will demonstrate technical and professional knowledge of cybersecurity practices. He or she will play an active role in developing and coaching less experienced team members, providing guidance and timely feedback.Essential Functions and Primary DutiesPerform security assessment and compliance activities using NIST, CSC, ISO and other related frameworks.Perform security architecture review (SAR) to ensure design best practices and standards are met.Create workpapers and reports accurately portraying client evidence.Engage with client projects for a variety of clients and industries, consistently delivering quality client services within expected timeframes and on budget.Work with sense of urgency and the ability to shift focus as needed throughout the day.Identify, evaluate, and effectively communicate significant exposures to security risks, breakdowns in controls, and other related concerns.Communicate in writing findings to both technical and non-technical audiences.Successfully balance multiple projects at once, regularly communicating status and issues to CBIZ management and Managing Directors.Support the research of emerging technology, requisite security requirements, and emerging threats and develop a way-forwards to meet organizational goals.Research security standards, security systems and authentication protocols, keep abreast with latest trends in the cybersecurity industry.Understand effective information technology processes, including best practices and internal control approaches.Interact with and effectively communicate with clients or other third parties as necessary.Manage conflict with clients and/or team members in a professional, confident matter.Develop relationships with team members across the firm to better serve client needs.Assist the firm through participating in training, company-wide projects, and human resource initiatives.Accurately represent and record project time and expenses.Travel is estimated to be less than 20-25%.
Preferred QualificationsMinimum of 3 years of hands-on experience in a technology or cybersecurity-based industry.A Bachelor's degree in a technology or business field or equivalent work experience.Experience in a client facing role.A relevant professional certification such as Network+, Security+, CCNP, CISSP, CISA, CISM, Microsoft MCSE, Azure, and/or other technical certifications is a must.Strong knowledge of and hands on experience with various security architectures (Zero Trust Architecture) and infrastructure technologies required.Hands on configuration experience with networking technologies such as: next generation firewalls, switches, routers, and wireless controllers with working knowledge of TCP/IP addressing and protocols, ACLs, routing, VLANs, segmentation.Hands on experience with vulnerability scanning tools (e.g.,Qualys) a plus.Functional knowledge and administrative experience with PC, server, virtualization, and storage systems.Knowledgeable in technologies such as: Active Directory, Federation, Multifactor Authentication, SSO, IDS, IPS, Host Based Firewalls, WAF (Web Application Firewall), DNS, DHCP, HTTPS/TLS, SSH, SMTP, Syslog, Key Management, PKI, Tokens, SAML, OAUTH.Security experience with cloud-based technologies such as Microsoft 365, Azure, AWS.Understanding of cryptographic trust based systems a plus.Functional knowledge of identity, authentication and authorization systems.Basic understanding of database security.Knowledgeable in compliance standards like: HIPAA, CMMC, PCI, CCPA, Subscriber PII, GDPR preferred.Experience with SIEM technologies preferred.Experience with industrial control systems or IoT technologies is a plus.Proficient at the secure software development life cycle and DevSecOps is a plus.Coding experience preferred but not required.Strong skills in Microsoft Office applications.Possess integrity, principles, and work ethic.Strong analytical, interpersonal, and verbal/written communication skills.Ability to read, write, and speak fluent English.Applicants must be able to pass a background check.
Minimum QualificationsBachelor's degree in relevant field3 years of relevant work experienceAchieve professional certifications relative to area of expertise, must have and preserve required licensesMust possess analytical skillsProficient use of applicable technologyDemonstrated ability to communicate verbally and in writing throughout all levels of organization, both internally and externallyMust be able to travel based on client and business needs
The annual salary target for this job in this market is $90,000-$125,000. The specific compensation for this role will be determined based on the education, experience, and skill set of the individual selected for this position.The compensation above is not representative of an employee's total compensation. Beyond income, you have access to: comprehensive medical and dental insurance, retirement savings, life and disability insurance, health care and dependent care reimbursement accounts, certification incentives, education assistance, referral program and much more.The application window is anticipated to close on or before December 31st, 2024.#LI-HP1 #LI-Remote #CBIZAdvisoryCBIZ.Jobs Category: AdvisoryREASONABLE ACCOMMODATIONIf you are a qualified individual with a disability you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. You can request a reasonable accommodation by calling 844-558-1414 (toll free) or send an email to accom@cbiz.com.EQUAL OPPORTUNITY EMPLOYERCBIZ is an affirmative action-equal opportunity employer and reviews applications for employment without regard to the applicant's race, color, religion, national origin, ancestry, age, gender, gender identity, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. If you would like more information about your EEO rights as an applicant under the law, please visit these following pages EEO is the Law and EEO is the Law Supplement.PAY TRANSPARENCY PROTECTION NOTIFICATIONNotice to Third-Party AgenciesCBIZ does not accept unsolicited resumes from recruiters or agencies. Any staffing/employment agency, person or entity that submits an unsolicited resume to this site does so with the understanding that the applicant's resume will become the property of CBIZ. CBIZ will have the right to hire that applicant at its discretion and without any fee owed to submitting staffing/employment agency, person or entity.