Senior Infosec Consultant


We have a vacancy for a Senior Infosec Consultant based in Atlanta.

About the Team

Sysnet’s Information Security team is looking for an experienced senior Infosec consultant to play a key role in the evolution of Information Security within Sysnet Global Solutions.

Based out of our Atlanta office, you will be responsible for advising key stakeholders and business owners on all areas of Information Security and will provide expert advice to both technical and non-technical audiences, including advice on how to balance security and business requirements. Specifically, this position will help design and lead the adoption of appropriate and reasonable security standards and controls for computer platforms, applications and networks based on the needs of Sysnet stakeholders, industry-recognised frameworks and practices, and regulatory security requirements. You will report to the VP of Information Security, provide leadership and direction to junior information security team members, and perform managerial responsibilities such as mentoring, development and work assignment.

About the Role

You will:

  • Help with the design, deployment and availability of enterprise security tools including, but not limited to, log management (SIEM), antivirus, intrusion prevention, data leak prevention, vulnerability scanning and remediation, identity management, etc.

  • Consult with business owners and IT stakeholders to ensure issues are remediated and propose mitigation plans to address information security risks within agreed timescales.

  • Work with the wider infosec team on identification, tracking and mitigation of information security risk through a risk methodology model and register and ensure information security compliance with identified audit requirements, security policies, standards and legislation.

  • Work with and be a part of the wider infosec incident response process.

  • Assist with audit activities when required with regards to scoping, executing, reporting and presenting on internal and external security audits, vendor questionnaires and supplier due-diligence.

  • Assist with the creation and maintenance of Security policies, processes and standards.

  • Support achievement of Information Security’s strategic objectives by ensuring policies, processes and standard controls are adopted and applied consistently across all locations

  • Determine security requirements for any new business system/applications by evaluating business strategies and requirements, researching information security standards, conducting risk and gap assessments, and studying architecture/platforms and processes

  • Research, recommend, and/or develop new or improved tools to enhance security services, information intelligence and analytics

  • Create, track, maintain and distribute timely and relevant information security KPIs and other metrics to senior management and executives, as well as contributing to the production of Information Security Risk and Compliance reports and updates for internal governance and Audit Committee meetings.

  • Manage and oversee the maintenance of technical and organisational controls across multiple technology platforms and diverse system environments within scope of our industry certifications and attestations (SOC2, ISO 27001, Cyber Essentials, etc.)

  • Continually stay informed on security, technology issues and emerging threats that could impact the business, and communicate these issues, the associated risks to the business and your recommendations to address them.

  • Assist in developing and implementing security awareness and technical training efforts

About you

  • Minimum of 5 years of information security and/or IT technical work experience

  • Maintains two or more professional certifications such as CISA, CISSP, CISM, CRISC, CGEIT, CIPP/T, ISO 27001 Lead Auditor/Implementor.

  • Strong understanding of data protection and privacy regulations.

  • Experience in the establishment/implementation and maintenance of compliance certification activities such as SOC2, ISO 27001/2, Cyber Essentials

  • Experience in leading, scoping, executing, reporting and presenting on internal and external security audits

  • Experience working with and as part of an infosec incident response process.

  • Experience with external customer and supplier audits/questionnaires

  • Excellent communication and report writing skills with the ability to articulate and communicate complex IT related business issues to colleagues across the business.

  • Assertive and able to constructively challenge and question.

  • Ability to effectively plan and prioritise workloads with demonstrable ability to successfully work to deadlines and measure and report on progress.

  • Practical experience of implementing and managing common security technologies including centralised log management, application and system vulnerability scanning, intrusion detection/prevention, antimalware, encryption, and authentication and access controls

  • Practical experience of security controls to protect both on-premise and cloud-based platforms (AWS, O365) and applications including Active Directory, Windows server and desktop, Mac OS, SQL, VMware virtualization etc.

  • Strong understanding of the Information Security Industry, current information security issues and trends, architecture and security controls.

  • Experience working in a high-pressure, fast moving, Agile environment which delivers and manages products and services for clients and their customers

  • Previous team management experience with proven capability to develop and guide junior security team members and work effectively with business stakeholders and technical staff

If you are interested in this role, please send your CV and statement of interest to