Security Advisory Consultant Job in Netrix

Security Advisory Consultant Netrix has need for a Security Consultant within our Security Advisory team. Our Advisory practice designs and implements security programs that are practical, effective, commensurate with risk and aligned with our clients business objectives. The Security Consultant role is an execution-level role that will work within the broader Advisory team and will be responsible for assisting in the delivery of defined information security programs. Expectations include executing diverse types of security projects and activities including, but are not limited to, vulnerability assessments, risk assessments, vendor security assessments, training and phishing simulations, process design, reporting, and compliance activities. All Netrix services are designed to forge a trusted partnership with our clients. This comes from ensuring that all security services are delivered with excellence and are executed in a timely manner. Regular communication with clients is equally important to ensure that expectations are being met. Required Skills Prior experience or training as an information security consultant or practitioner (Network Security Administrator, Assessor, Analyst, GRC specialist) with experience in several of the following security activities: Vulnerability Management Risk Assessments Alignment with common industry security frameworks Findings Remediation Policy, Standards and Procedures development Security Risk Reporting Vendor Security Assessments Education and Awareness Training Access Control (Provisioning, Deprovisioning, Access Reviews) Demonstrable expertise solving real-world security problems, not just security theory Working knowledge of information security management systems and frameworks, such as ISO 27002, NIST CSF, CIS Controls and common privacy and regulatory standards, such as HIPAA, PCI-DSS, GDPR, CPA. Functional knowledge in most basic technologies, including, but not limited to: Active Directory, Windows Networking Infrastructure Endpoint and Mobile Device Security Intrusion Detection/Prevention Systems Familiarity of best practices related to Incident Response, Disaster Recovery, and BCP Familiarity with common attacks, vulnerabilities, and associated risks, such as: Ransomware, SQL Injection, Brute force attacks, Malware infection, Phishing/BEC attacks, etc.