Senior Cyber Risk Consultant (Remote-U.S. Based)
Title: Sr. Cyber Risk Consultant
Work Location: Remote...
Reports To: Director of Advisory Services
Travel: Up to 50%
Business Hours: Mon-Fri
Summary:
Since 2009, Kivu has provided incident response, risk management, and forensics investigation services to clients around the globe. Kivu is well known in the cyber security industry for our high level of technical expertise and legally sound, practical business solutions. We are a leading provider of incident response and digital forensic services to the cyber insurance community in North America and Europe.
Required Knowledge, Skills, Abilities:
Minimum of 5 years of conducting NIST CSF and HIPAA assessments and/or
Minimum of 5 years of information security experience (Incident Response, Vulnerability Management, Risk and Governance, Threat Intelligence, Security Architecture, etc.) and/or
Minimum of 5 years developing and managing incident response capabilities across multiple departments in an enterprise environment (IR Plans, Playbooks, Tabletop exercises, etc.) and/or
Ideally experience leading a team or projects
Excellent communication skills, both verbal and written
Preferred Requirements:
Positive attitude with flexibility and a willingness to work as a team, support our clients, learn, and grow.
Experience with cyber security assessments, NIST CSF 2.0, ISO 27001/2, and HIPAA/privacy Assessment
Understanding of at least one framework: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, CoBIT, PCI, etc
Experience briefing Senior Executives or Boards of Directors
Understanding of vulnerabilities and tools used to discover, analyze, and exploit vulnerabilities
Weekend and /or international travel may be required. The candidate should possess or be able to possess a passport and be able to travel internationally
Demonstrated ability to manage all facets of a client offering, including scoping, kickoff, development, delivery, and post-delivery responsibilities
Bachelors degree in computer science, information systems, information assurance, or equivalent work experience
Technical or professional certifications such as EnCE, CEH, GCIH, GCFA, CISA or CISSP, etc.
Experience developing and delivering Incident Response or Business Continuity/Disaster Recovery tabletop exercises is a big plus
Consulting experience is a big plus
Proactive incident response experience is a big plus
Networking and system administration experience (Windows and Unix/Linux) is a plus
Operational experience with security tools (firewalls, IDS, IPS, SIEMs, etc.) is a plus
Familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations is a plus
Experience with audits or conducting audits a plus
Experience with common computer forensic / incident response tools and processes a plus
Responsibilities and Duties:
Conduct and serve as an expert consultant for NIST CSF 2.0 framework, ISO 27001/2, HIPAA assessments and HIPAA privacy rule assessments
Design, develop, and deliver incident response exercises to test client incident response plans based on the latest threat intelligence and the clients goals and objectives; oversee the delivery of exercises by other consultants; deliver incident response exercises to senior executives and Boards of Directors.
Develop and deliver detailed incident response plans and playbooks based on client needs
Contribute to the continual improvement of services that we deliver to clients and the processes that the team utilizes to deliver them
Provide objective, actionable, and complete guidance that enables and improves our clients incident management capabilities
Conduct assessments of client readiness to respond to incidents, including designing and delivering incident response exercises to test client incident response capabilities; review the assessments of other consultants
Support the development of complex incident response exercises based on the latest threat intelligence and client goals and objectives, review analysis and conclusions of other consultants
Document findings, develop recommendations and present both orally and in written reports; coach, teach and mentor junior consultants with their ability develop recommendations and present both orally and in written reports
Promote Kivu by participating in external speaking engagements, writing whitepapers and blogposts, and ensuring identification of opportunities for additional support to be provided to clients
Develop and deliver training courses, focused on incident response topics
Coach, teach and mentor junior staff
May require up to 50% travel
Equipment Used:
All equipment required to perform duties and tasks were previously described.
Physical / Environmental Factors:
The physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Kivu Consulting considers applicants for all positions without regards to race, color, national origin, age, religion, sex, marital status, veteran or military status, disability, or any other legally protected status. Kivu Consulting is an Equal Opportunity Employer.
Benefits:
Flexible PTO
Medical, Dental, and Vision
401k
Remote Work
Apply Now
Work Location: Remote...
Reports To: Director of Advisory Services
Travel: Up to 50%
Business Hours: Mon-Fri
Summary:
Since 2009, Kivu has provided incident response, risk management, and forensics investigation services to clients around the globe. Kivu is well known in the cyber security industry for our high level of technical expertise and legally sound, practical business solutions. We are a leading provider of incident response and digital forensic services to the cyber insurance community in North America and Europe.
Required Knowledge, Skills, Abilities:
Minimum of 5 years of conducting NIST CSF and HIPAA assessments and/or
Minimum of 5 years of information security experience (Incident Response, Vulnerability Management, Risk and Governance, Threat Intelligence, Security Architecture, etc.) and/or
Minimum of 5 years developing and managing incident response capabilities across multiple departments in an enterprise environment (IR Plans, Playbooks, Tabletop exercises, etc.) and/or
Ideally experience leading a team or projects
Excellent communication skills, both verbal and written
Preferred Requirements:
Positive attitude with flexibility and a willingness to work as a team, support our clients, learn, and grow.
Experience with cyber security assessments, NIST CSF 2.0, ISO 27001/2, and HIPAA/privacy Assessment
Understanding of at least one framework: ISO 27001/2, FISMA, PCI, HITRUST, NIST 800-series, CoBIT, PCI, etc
Experience briefing Senior Executives or Boards of Directors
Understanding of vulnerabilities and tools used to discover, analyze, and exploit vulnerabilities
Weekend and /or international travel may be required. The candidate should possess or be able to possess a passport and be able to travel internationally
Demonstrated ability to manage all facets of a client offering, including scoping, kickoff, development, delivery, and post-delivery responsibilities
Bachelors degree in computer science, information systems, information assurance, or equivalent work experience
Technical or professional certifications such as EnCE, CEH, GCIH, GCFA, CISA or CISSP, etc.
Experience developing and delivering Incident Response or Business Continuity/Disaster Recovery tabletop exercises is a big plus
Consulting experience is a big plus
Proactive incident response experience is a big plus
Networking and system administration experience (Windows and Unix/Linux) is a plus
Operational experience with security tools (firewalls, IDS, IPS, SIEMs, etc.) is a plus
Familiar with tactics, techniques, and procedures commonly employed by threat actors, and their motivations is a plus
Experience with audits or conducting audits a plus
Experience with common computer forensic / incident response tools and processes a plus
Responsibilities and Duties:
Conduct and serve as an expert consultant for NIST CSF 2.0 framework, ISO 27001/2, HIPAA assessments and HIPAA privacy rule assessments
Design, develop, and deliver incident response exercises to test client incident response plans based on the latest threat intelligence and the clients goals and objectives; oversee the delivery of exercises by other consultants; deliver incident response exercises to senior executives and Boards of Directors.
Develop and deliver detailed incident response plans and playbooks based on client needs
Contribute to the continual improvement of services that we deliver to clients and the processes that the team utilizes to deliver them
Provide objective, actionable, and complete guidance that enables and improves our clients incident management capabilities
Conduct assessments of client readiness to respond to incidents, including designing and delivering incident response exercises to test client incident response capabilities; review the assessments of other consultants
Support the development of complex incident response exercises based on the latest threat intelligence and client goals and objectives, review analysis and conclusions of other consultants
Document findings, develop recommendations and present both orally and in written reports; coach, teach and mentor junior consultants with their ability develop recommendations and present both orally and in written reports
Promote Kivu by participating in external speaking engagements, writing whitepapers and blogposts, and ensuring identification of opportunities for additional support to be provided to clients
Develop and deliver training courses, focused on incident response topics
Coach, teach and mentor junior staff
May require up to 50% travel
Equipment Used:
All equipment required to perform duties and tasks were previously described.
Physical / Environmental Factors:
The physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Kivu Consulting considers applicants for all positions without regards to race, color, national origin, age, religion, sex, marital status, veteran or military status, disability, or any other legally protected status. Kivu Consulting is an Equal Opportunity Employer.
Benefits:
Flexible PTO
Medical, Dental, and Vision
401k
Remote Work
Apply Now