Current Positions Available

17_02 - Senior Cybersecurity Risk Consultant

Job Description

We are rapidly expanding to meet the growing demand for sound, practical cybersecurity advisory and are looking for consultants who are passionate about how strategy and technology can improve the maturity of cybersecurity, privacy and data protection practices at our clients.  Iron Spear provides services to help clients understand their current cybersecurity maturity and landscape, change their cybersecurity culture, and develop and implement solutions across many industries.  We provide frameworks to manage and operate cybersecurity that are aligned to the business needs which form the foundations for their cybersecurity programs.

We are looking for a consultant with extensive consulting, technology and industry experience who will help our clients solve their complex business issues from strategy through execution.  A Cybersecurity consulting career will provide the opportunity to grow and contribute to our clients' business issues every day, applying a collection of information and cyber security capabilities, including security strategy, governance, IT risk, and security testing.

Iron Spear is an equal opportunity employer and invites anyone with the required abilities to apply.

Regrettably we will not respond to international applications as we cannot support the visa process at this time.

Position Requirements

Current Position:  Contract for 3 – 6 months, we will hire the candidate fulltime if they are a good fit with our culture

Start Date:  Immediate

Minimum Year(s) of Experience: 6

Minimum Degree Required: Bachelor's degree or similar college diploma in an IT field

Certification(s) Preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC)

Language:  Must be FLUENT in English and able to write clear and concise reports

Soft Skills:  Strong presentation skills, confident in speaking clearly to senior management as well as technical staff

Skills Preferred:

Demonstrates proven and extensive abilities solving complex cyber-risk management issues, including the following areas:

  • Design and development of IT Risk and cybersecurity programs using industry frameworks and methodologies
  • Strong familiarity in advising clients toward compliance to common industry frameworks such as NIST CSF, COBIT, COSO and PCI
  • Designing KRIs and metrics to build risk reports for management
  • Development and operation of enterprise-wide cyber risk governance frameworks;
  • Assessment of enterprise-wide business risks and cyber threats;
  • Development of detailed business risk scenarios and cyber threat models;
  • Design and implementation of cyber risk management controls;
  • Monitoring and reporting of cyber risks, threats and vulnerabilities;
  • Development, implementation and periodic testing of cyber resiliency plans;
  • Understand the latest trends in cybersecurity, including current threats and how they have evolve over time, in traditional IT, cloud computing and IoT environments.

 Demonstrates proven extensive abilities to manage and deliver client engagements that identify and address client needs, including the following areas:

  • Leading project workstreams and associated staff on complex cyber risk and cybersecurity management engagements;
  • Participating actively in client discussions and meetings;
  • Managing and overseeing engagements;
  • Preparing concise and accurate documents, leveraging and utilizing MS Office to complete related project deliverables; and,
  • Managing project financials in line with agreed-upon budgets

Iron Spear Information Security Ltd is a small niche cybersecurity consulting firm that strives to provide great value to our clients.  We are all passionate about what we do and are blessed with good skill-sets and clients who are wanting us to provide more services as we expand.  We have many exciting opportunities on the horizon and aim to become leaders and innovators in cybersecurity program development and management.  We are excited for new people to join our team.

Please apply with your resume and short cover letter outlining key threat risk assessment experience.