Cyber Security Strategic Advisor

  • Full-time

Company Description

Arraya Solutions, a leading Mid-Atlantic technology consulting firm and managed services provider located just outside Philadelphia, is looking for a Cyber Security Strategic Advisor to join our technology team!

We have a culture that embraces change and values family, and we are actively involved with the community. Our team consists of people with positive attitudes who have an interest in growing their knowledge around technology and leaders who are heavily involved in the day-to-day activities.

Job Description

As a Cyber Security Strategic Advisor, you will provide executive-level cyber security guidance and consulting to customers. You will lead customer engagement activities by advising business leaders and C-level executives in a variety of businesses in all aspects of cyber risk and security. The ideal candidate will be well versed in all areas of cyber security management including security controls architecture, security compliance, risk assessment, incident response preparedness and response, threat intelligence, vulnerability management, and security event analytics and correlation. He/she must be passionate about the field of cyber security and able to think strategically and operate tactically. The candidate must have in-depth security experience and be able to effectively scale and tailor security services/solutions to unique and challenging business use-cases. This role requires a strong leader who views the cyber security architecture as an extensible platform deliverable to a highly diverse and dynamic family of brands.

Responsibilities

·         Perform cyber security gap assessments and provide recommendations and reporting to customers, leveraging cyber security industry best-practice frameworks

·         Lead Arraya’s incident response team, providing immediate support and expert guidance to customers currently under cyber attack

·         Scope and deliver security advisory services including program/policy development, education and training programs, assessments, and incident response engagements

·         Provide guidance to customers on complying with cyber security and privacy laws including, but not limited to, HIPAA, PCI, SOX, GDPR, GLBA, DoD, FERC, TSA, NERC CIP, state and other laws

·         Assist customers in building an information security program, identifying and responding to cyber threats, managing identity and access effectively and efficiently, and/or mitigating the risk of information loss and addressing privacy regulations

·         Develop privacy/data protection strategies to secure information while balancing regulatory requirements with business needs

·         Work with Arraya’s clients to define and drive a multi-year cyber security program including architecture, policy and governance, reporting and process development

·         Be the industry expert; stay informed about new products, services, technologies, and other information that may be of interest to clients

·         Coordinate and oversee penetration testing or vulnerability scanning efforts and reports

·         Perform some pre-sales activities related to cyber security advisory services

Qualifications

Required Skills, Knowledge and Experience

·         Strong verbal and written communication skills are a must for conveying complex topics to non-technical stakeholders

·         5+ years of experience directly leading an information security program or compliance organization or 3+ years of experience in an advisory or consulting position in related fields

·         Experience with leading and advising clients on security, including risk, governance, technology, regulatory drivers, and IT security frameworks such as NIST, ISO 27000, COBIT, ITIL, CSC Critical Controls, HITECH, etc.

·         Experience in assessing organizational compliance with regulations like HIPAA, GLBA, SOX, PCI DSS, NIST 800-171, FERC, NERC CIP, NY DFS, etc.

·         Experience with SSAE 16/SOC 2 controls and report development

·         Experience with penetration testing tools and techniques

·         Must be well versed with cyber security management including security controls architecture, incident response preparedness and response, threat intelligence, vulnerability management, and security event analytics and correlation

·         Understanding of security audit standards

·         Demonstrated ability to work with and communicate with other team members

·         Must have excellent communication, documentation, and customer-facing skills

Education and Training

·         Bachelor’s degree in Management Information Systems, Computer Science, Engineering or a related field

·         Relevant security certifications (CISA, CISM, CIPP, CISSP) are required.

Additional Information

Position Type and Expected Hours of Work

·         This is a full-time, permanent position, 40 hours/week.

If you want to work in an exciting, fast-paced environment with an opportunity for learning and development, please reach out to us today!

All your information will be kept confidential according to EEO guidelines.