Sr. Cybersecurity Consultant (Compliance)
Sr. Cybersecurity Consultant (Compliance)
222 W Adams St, 11th Floor
Chicago, Illinois, 60606
West Monroe isn’t a start-up consulting firm, but we act like one.
From day one, our people have the opportunity to make a definitive personal impact for their clients and their careers. What does this mean? It means we seek out the best of the best, and then we challenge them to make us better.
If you are looking to be a “behind the scenes” technologist, this isn’t the place for you. We celebrate driven professionals who thrive in a collaborative environment. Our consultants work on front lines – partnering with clients to deliver game changing solutions in the most dynamic industries. Sound interesting? Then West Monroe Partners just might be the place for you.
Think you're up to the challenge?
West Monroe Partners is looking to hire a Sr. Consultant with a current focus on HIPAA, PCI, or GDPR compliance to provide critical security solutions to West Monroe’s Cybersecurity Practice. The Sr. Consultant will also work with practice leaders across West Monroe to set the direction of security offerings within Cybersecurity Practice.
What will you be doing?
The Sr. Consultant will be responsible for leading technical project teams as the engagement lead to gather requirements, create a design, and implement the solution. You’ll typically be working with a team of consultants working to complete a project that aligns with the client’s business objectives.
Typical engagement responsibilities will include:
* Provide strategic security advisory, PCI, HIPAA, and GDPR consulting services for enterprise clients, ranging from policy definition to adoption and enforcement
* Current state review of existing organization, processes, and technologies to deliver key findings and recommendations
* Delivery of cyber asset/system categorization and impact ratings, including site visits to multiple client locations
* Identify, scope, and deliver solutions within industries such as Healthcare & Life Sciences, Financial Services, Retail, etc.
* Develop implementation strategy and roadmaps, with an initial focus on HIPAA, PCI, or GDPR compliance
* Work closely with business and technology teams to craft solutions that align with HIPAA, PCI, or GDPR best practices
* Perform day-to-day organization, process and technology data collection and analysis, interviews and discovery workshops
* Implement security solutions including the design, configuration, development, testing and deployment of security-related technologies such as Security information & Event Monitoring (SIEM), Identity & Access Management, IDS/IPS, Data Loss Prevention, Digital Rights Management, Network Access Control and other security technologies.
* Manage client relationships and meet with clients to determine business and functional requirements
* Translate business and technical requirements into concrete projects proposals including detailed work plans and cost estimates
* Contribute to business development process at existing clients
* Promote thought leadership in emerging technologies; from partnerships to go-to-market offerings, to strategy, to design and implementation.
* Actively build a professional network and affiliate network in the local community
We need someone with real world experience in the following:
* Candidates must have 3+ years of experience performing Security Assessments work (vulnerability management, penetration tests, network security and social engineering)
* Background in auditing IT Security controls
* Ability to convey complex technical security concepts to technical and non-technical audiences including executives required
* Proactive desire to continue to broaden and deepen business and consulting skills
* Demonstrate knowledge and experience with the architecture, engineering and deployment of cyber security solutions
* Experience in leading and delivering end-to-end solutions, which could include strategy, design, development, testing and training, and implementation
* Advanced understanding of application, database, and network security principles for risk identification, mitigation, and analysis
* Experience with cybersecurity architectural roadmaps, sub-domain strategies, product roadmaps and standards
* HealthCare Information Security and Privacy Practitioner (HCISPP) certification or equivalent a plus
* Payment Card Industry Professional (PCIP) and/or Certified Information Systems Security Professional (CISSP) certification or equivalent a plus
* Certified Information Systems Security Professional (CISSP) certification or equivalent highly desired
What else do you need to bring to the table?
* Excellent organizational, verbal, presentation/facilitation, and written communication skills
* Demonstrated experience with HIPAA compliance within the Healthcare industry
* Demonstrated experience with the PCI DSS
* Bachelor’s degree in Information Technology, Computer Science, Business or equivalent industry experience
* Willingness to travel for out of town client engagements, up to 70%.
West Monroe Partners is an Equal Employment Opportunity Employer -
We believe in treating each employee and applicant for employment fairly and with dignity. We base our employment decisions on merit, experience, and potential, without regard to race, color, national origin, sex, sexual orientation, gender identity, marital status, age, religion, disability, veteran status, or any other characteristic prohibited by federal, state or local law.