CREO
Senior Consultant, Cybersecurity
CREO, Durham, North Carolina, United States, 27703
JOB DESCRIPTION OVERVIEW
CREO, LLC. is an innovative management consulting and advisory firm based in Research Triangle Park. CREO helps its clients operate effectively, freeing them to apply their talents, pursue their mission, and realize their vision through a focus on effective operations and organizational health. CREO’s senior team of C-level advisors works shoulder-to-shoulder with clients to solve their toughest challenges and realize their biggest opportunities. To learn more, visit www.creoconsulting.com.
Within CREO, the Cybersecurity department provides a variety of short- and long-term services that help improve and maintain a high level of cyber maturity. The following job description illustrates the key responsibilities for this role and technical requirements.
POSITION RESPONSIBILITIES
Strategic Roles / Projects
Fractional CISO:
Provide strategic leadership and direction for clients’ information security programs, aligning security initiatives with business objectives.
Provide consulting and guidance on building and/or maturing information security programs, risk management, and the implementation of tools and technologies used for enterprise security.
Advise clients on data privacy compliance regulations and how to efficiently meet requirements and protect personal data.
Provide monthly reporting to leadership and quarterly reporting in board-level language.
Provide knowledge and guidance on tools and technologies used for enterprise security.
Manage and oversee the identification, assessment, acceptance and mitigation of risks to the organization’s information systems and data.
Implement and/or assess enterprise IT security controls, including data classification/governance, cybersecurity incident response process, patch management, data loss prevention, and access controls.
Cybersecurity Assessments:
Conduct thorough assessments of clients’ cybersecurity posture, identify vulnerabilities, and recommend remediation strategies.
Prepare and create documentation for various IT security engagement deliverables including, but not limited to, risk assessment results, plan of action and milestone (POAM) lists, system security plans, and security gap analyses.
Incident Response Preparation: Provide consulting services, in the form of tabletop exercises, to prepare clients for various security incidents (e.g., ransomware, data exfiltration).
Audit Readiness:
Prepare clients for security audits by ensuring compliance with relevant standards and regulations and by developing necessary documentation.
Consult clients on transforming a list of gaps into a prioritized list of action items that mitigates the most pressing risks.
Security Engineering:
Consult clients on best practice configuration and/or evaluation of new tools/architectures.
Operational Responsibilities:
Vendor Management: Oversee CREO’s cybersecurity partners performing specialized functions (e.g. offensive/red team exercises, MDR services, etc.), ensuring the quality and effectiveness of their work.
Security Operations Escalation: Serve as the primary escalation point for the security operations team, providing expert guidance and resolution for complex security incidents.
REQUIRED QUALIFICATIONS, SKILLS, AND EXPERIENCE
Minimum 10 years overall IT experience with 5+ years of professional information security experience.
Demonstrated experience being a key contributor to successful enterprise information security programs.
Strong understanding and experience implementing one or more security frameworks, such as SOC2, NIST 800-53/171, NIST CSF, ISO 27001 and CIS.
Strong understanding and experience with security and privacy-related regulatory compliance, such as HIPAA and GDPR.
Strong understanding of security operations functions and cybersecurity incident response.
Strong understanding of managing security training / phishing services (e.g., KnowBe4, Ninjio, etc.).
Technical Requirements:
Strong understanding of infrastructure, in the form of security controls for common platforms and devices, including Windows, Linux, network equipment, and IT operations.
Networking, including TCP/IP protocols and network topology.
Network security, including firewalls, intrusion detection/prevention systems, and network segmentation.
Proficiency with MDR (Managed Defense & Response) / MSSP (Managed Security Service Provider).
Strong understanding of security controls around Azure and AWS.
CREO is seeing a trend in our target customer base towards the full M365 suite of tools. The following are becoming essential to providing customer guidance:
Defender for Endpoint / Cloud - Strong understanding of capabilities and deficiencies.
Security & Compliance Centers - Ability to digest and consult customers on how to leverage the intelligence they already have.
Entra ID / Azure AD - Strong understanding of capabilities and best practices.
Ability to consult clients on the various MS licensing options that will provide an appropriate level of security for their level of risk.
Ability to consult customers with MFA migrations/rollouts.
MS Sentinel - Understanding of the overall tool and capabilities.
Ability to develop basic alerts and reports via the use of KQL.
MS Purview - Understanding of the overall tool and capabilities.
Understanding of data classification and Data Loss Prevention (DLP) implementation and operational strategies.
Entra ID Conditional Access - Understanding of how to leverage out-of-the-box and custom Conditional Access rules.
As a senior consultant, the following skills are crucial to success:
Time Management: Skill in managing multiple projects and tasks efficiently while meeting deadlines and budgets.
Communication Skills: Ability to clearly convey complex security concepts to both technical and non-technical audiences, including executive-level clients and stakeholders.
Problem-Solving: Strong analytical skills to identify vulnerabilities and develop effective and creative remediation strategies with the available budget, technologies and in-house skills.
Leadership: Capacity to provide strategic direction and inspire confidence while leading projects and initiatives.
Collaboration: Aptitude for working effectively with cross-functional teams, including IT, risk management, and client leadership.
Adaptability: Flexibility to adjust to new technologies, regulations, and changing client needs.
Critical Thinking: Ability to assess situations logically and make informed decisions under pressure.
Client Relationship Management: Building and maintaining strong, trust-based relationships with clients.
Detail Orientation: Careful attention to detail to ensure thorough assessments and precise reporting.
Presentation Skills: Proficiency in creating and delivering impactful presentations for training, reporting, and board meetings.
Conflict Resolution: Ability to handle disputes or challenges constructively, particularly when aligning different stakeholder interests.
Negotiation Skills: Expertise in balancing security priorities with business objectives to find practical, mutually beneficial solutions.
Empathy and Active Listening: Understanding client concerns and responding in a way that meets their specific security needs.
Project Management: Capability to plan, organize, and oversee projects from start to finish.
Strategic Thinking: Long-term planning skills for developing security roadmaps that align with business goals.
Other qualifications we find highly desirable:
Knowledge and experience with tools used in penetration testing, security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations.
Business development experience.
Certification in at least one of the following: CISSP, CCSP, CISA, CISM, HITRUST Practitioner, ISO 27001 Lead Implementer, CEH.
Active Microsoft security certifications (e.g., SC-100, SC-300, AZ-500, SC-200).
Experience in Governance Risk and Compliance (GRC).
Experience with computer systems validation (CSV) and 21 CFR Part 11 compliance.
Experience with managing or working in an infrastructure (e.g., network, datacenter, servers, etc.) services group.