Work In Tech

Find your next role at Canada's fastest-growing tech companies

Cybersecurity Consultant

Plurilock

Plurilock

IT
Posted 6+ months ago

Job Title: Cybersecurity Consultant

Department: Technical

Reports To: VP of Professional Services

Status: Exempt

Summary Description:

The Cybersecurity Consultant plays an integral part in building, maintaining, executing, and assuring a comprehensive set of cybersecurity program offerings. As part of the professional services organization, the Cybersecurity Consultant will engage with customers and partners to deliver our cybersecurity services. This position supports the delivery, evolution, and optimization of existing cyber security service offerings, while researching opportunities to expand our capabilities. You will be responsible for performing both automated and manual security assessments as well as developing, finalizing, and reviewing customer deliverables. The Cybersecurity Consultant is responsible for security assessments, risk assessments, gap analysis, vulnerability assessments, and supports the efforts of our managed security services.

Within these core accountabilities, this position will continue to build on the Consultant’s technical skills, and grow their communication, leadership, and organizational skills. This role will have the flexibility to build out a cybersecurity consulting practice while working directly with customers and collaborating with the existing engineering team.

Core Security Activities

  • Responsible for building and executing a comprehensive set of cybersecurity program offerings
  • Conduct consulting services for Aurora customers such as gap analysis, risk assessment, security program management, red team exercises, and other similar engagements
  • Assists in the development of security standards, processes and procedures, and guidelines for our customers
  • Assists our customers in the implementation and execution of security standards, processes and procedures, and guidelines
  • Provides analysis and assists in monitoring security compliance with industry and government rules and regulations for our clients and customers
  • Assists in developing reports on security performance against established security metrics
  • Oversee Aurora’s security testing practice, whether those services are handled by internal personnel or sub-contractors
  • Assists in reviewing Vulnerability Assessments and Technology Architecture Plans for security requirements
  • Lead, attend, and support cybersecurity-related system design reviews and other technical meetings
  • Review and critically evaluate system security plans, network diagrams, and other security documentation as part of security engagements
  • Produce threat and other reports as dictated by customer project scope
  • Coordinate and track all cybersecurity related engagements including scope of assessments, client engagement, timelines, auditing agencies, and outcomes
  • Responsible for accuracy and integrity in scoping and quality delivery of client deliverables, as well as assisting in business development, sales, and marketing efforts
  • Work with customers and partners as appropriate to keep engagements on scope, maintain excellent relationships with Customers, and provide a consistent interaction that continually reflects positively towards Aurora
  • Work with Aurora leadership to build cohesive cybersecurity and compliance (IT Governance) strategies and services for Customers and Partners to effectively address operational and regulatory requirements
  • Continually evaluate the latest vulnerability, network discovery, penetration, and other security tools
  • Draft white papers and solutions briefs to share with vendors and clients regarding cybersecurity solutions
  • Complete certifications as required to maintain a high degree of credibility

Business Communication

  • Has a fundamental understanding of the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments
  • Has a solid understanding of how to assist clients in executing an information security awareness program to ensure staff members across the organization understand the trade-off between risk and return
  • Understands the “voice of the customer” and assists in the development of mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need
  • Communicates clearly with technology and business groups to assess, implement, and monitor IT-related security risks/hazards

Qualifications

  • Familiarity with information security frameworks such as NIST, ISO, and CMMC
  • Expert ability to provide excellent customer service and establish and maintain credibility and interpersonal relationships with diverse groups (e.g., partners, customers, business leaders)
  • Demonstrated significant prior experience managing project scope, schedule, and cost, including forecasting, and tracking
  • Prior experience writing and maintaining technical policies for a large organization
  • Must possess strong presentation and communications skills to accurately deliver and convey information both in verbal and written form to various levels of a customer’s organization
  • Ability to work extremely well under pressure, while maintaining confidentiality, a professional image, and approach with customers is paramount