Senior Cybersecurity Risk Consultant

Philadelphia, Pennsylvania, United States · GRC & Strategy


Security Risk Advisors is looking for a Senior Cybersecurity Risk Consultant. This role will focus on a wide-range of technical, strategy, and compliance concepts which span both Governance, Risk, and Compliance (GRC) and Threat Management (TM) practice areas. Our style of consulting is dynamic, innovative, fast-paced, and highly rewarding for both our clients and our team. This is an outstanding opportunity to maintain high visibility while working across various well-known client organizations.


· Team with client representatives to define program objectives, design processes, and configure security tools to enable clients to address cybersecurity risks.

· Interact effectively with technical and non-technical groups within client environments

· Conduct requirements gathering, analysis, and assist in the development of security strategy for clients.

· Lead cybersecurity risk and maturity assessments against industry frameworks including NIST and ISO27001

· Implement/engineer and advise on multiple information security control set categories and vendor products, including but not limited to Incident Response, DLP, EDR, Network Detection & Forensics, SIEM, Network Architecture and Firewall Management

· Evaluate risk based on industry and regulatory requirements (such as HIPAA, GBLA, GDPR, FAIR)

· Perform technical audits of system configurations against industry benchmarks (CIS, STIG)

· Work closely with, and mentor consultants while advising clients and creating client deliverables

· Lead client workshops to scope projects and drive discussion of complex topics

· Draft reports and client deliverables with minimal oversight

· Keep abreast of information security principles, policies, standards and guidelines

· Understand the role of information security across multiple industries

· Protect organization's value by keeping information confidential

· Remain current on information security and emerging threat trends, tools and methodologies.


· Demonstrated self-learner, keep pace with IT Security and Compliance news and industry developments

· 4+ years of related experience with at least 3 years of experience from a national public accounting or consulting firm

· Ability to manage projects from start to finish

· Strong written and verbal communication skills with a high level of professionalism

· Excellent interpersonal skills with the ability to effectively lead team meetings

· Ability to work effectively with a team, yet function well with independent responsibilities

· Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed

· Bachelor’s degree in IT, MIS, Computer Science, or related field preferred

· Willingness to travel, estimated 30%


· Cybersecurity certifications (e.g., CISSP, CISA, CISM)

· 1+ years of experience with enterprise level security networking and incident response.

· 1+ years of Incident Response, DLP, EDR, Network Detection & Forensics, SIEM, Network Architecture and Firewall Management

· Experience with risk management frameworks and best practice in the private sector

Skills and Qualifications:

Attention to Detail, Coordination, Report Writing, Technical Management, Strategic Planning, Team Work, Highly Motivated, Writing, Decision Making, Analyzing Information, Innovative Thinking

About SRA:
Security Risk Advisors is an 120+ person fast-growing cybersecurity consulting company. Our clients are concentrated in the Fortune 1000 and Global 1000. We have a fast-paced, agile and fun culture that focuses exclusively on cutting edge cybersecurity engagements that solve the emerging needs of our clients. Our environment fosters the continuous professional development necessary to remain at the top of our game. We are a Philadelphia-based company and our team members maintain flexible hours through a combination of work from home and reasonable travel.

Apply for this job