Senior Consultant in Cybersecurity and IT Risk

  • Full-time

Company Description


Sia Partners is a unique global management consulting firm composed of 950+ passionate consultants who drive business changes among our customers. Through unparalleled industry expertise, we deliver superior value and tangible results to our clients in over 21 sectors and service teams.

Sia Partners has been present in the US since 2012 through an acquisition of a well-established consulting firm specialized in Financial Services, Oil & Gas and Energy. It has enjoyed continuous growth since: the US is now its second biggest market.

Sia Partners is hiring! Thanks to Sia Partners’ international footprint, the Financial Services and Gas Oil & Energy practices are strategically located in all major financial and energy hubs (New York, Charlotte, Houston, UK, Europe, and Asia Pacific) and our integrated model allows teams from different countries to easily partner, when appropriate.

Job Description


The Cybersecurity and IT Risk Consultant performs Cyber and IT Risk assessments, makes recommendations and implements steps to combat and identify cyber threats and IT risks. The consultant will leverage IT tools, frameworks and appropriate methodologies to conduct these assignments.

The consultant will also help clients understand and quantify their risk exposures, evaluate strategy or program, and build/maintain risk models. Certain assignments will also consist of advising clients in order to build and implement IT Risks or Cybersecurity controls, assisting in writing documentation, or conducting testing.

Business Communication

  • Understands the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments.
  • Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need.
  • Coordinates with technology and business groups to assess, implement, and monitor IT-related security risks/hazards.
  • Prepares assessments and cyber threat profiles of current events based on the sophisticated collection, research and analysis of classified and open source information.
  • Produces high-quality papers, presentations, recommendations, and findings for Senior Level Management and Enterprise Technology Leaders.
  • Provides briefings and presentations to customer leadership supporting Information Technology, Security and Network Operations decision making.

General Profile:

  • Requires specialized depth and/or breadth of IT Risk expertise.
  • Interprets internal or external business issues and recommends best practices.
  • Collaborates with others to solve complex problems; uses sophisticated analytical thought to exercise judgment and identify innovative solutions.
  • Works independently, with guidance in only the most complex situations.

Technical Expertise:

  • Understand and utilize physical components, types of networks/operating systems/databases, protocols, and topologies.
  • Must be well versed in the techniques that actors utilize to attack an organization and understand how to pull information from large data sets and how to structure information for reuse.
  • Knowledge of collection and analysis methods as well as knowledge in multiple tools (e.g. Penetration Testing), mostly targeted to data correlation and technical areas.
  • Knowledge of IT Frameworks (COBIT, NIST…)
  • Good Understanding of Software and Database Architecture
  • Previous Software Development / QA is a plus

Functional Knowledge:

  • Interprets IT Risk business challenges, identifies trends and recommends best practices.

Business Knowledge:

  • Able to articulate complex Cyber Threats to non-technical business leaders.
  • Excellent verbal and written communication skills.
  • Ability to train others in IT security concepts.
  • Strong problem solving and analytical skills.

Leadership, Decision Making and Communication Requirements:

  • Works independently and with minimal direction to identify emerging threats to network environments. 
  • Ability to react to high-pressure, dynamically changing environments.
  • Team oriented, with the ability to work with diverse personnel within the intelligence capability.
  • Makes decisions that have cross-functional impact.
  • Understand how to turn requirements for intelligence into collection requirements, collect, prioritize, and store information from multiple intelligence disciplines.
  • Communicates complex ideas; persuades and negotiates with others, often at senior levels, to adopt a different point of view.

Problem Solving:

  • Collaborates with others to solve complex problems; uses sophisticated analytical thought and education and/or equivalent experience to exercise judgment and identify innovative solutions.

  • Critical thinking: Demonstrates the ability to define the problem, apply root cause analysis on Cybersecurity controls and propose recommended courses of action.


Qualifications


  • 4-10 years’ experience in Information Technology, Security or Risk from an IT Audit or IT Risk consulting background.
  • Ideally a BA/BS in Information Technology, Security, Cyber Intelligence or similar discipline.
  • Advanced degree in the aforementioned academic areas of focus is a plus.
  • Academic and educational requirements can be substituted for Military or Governmental Agency Intelligence positions. This will be based upon Rank, Time in Service, and Military Occupational Specialties (MOS). Positions include Information Operations, Intelligence, Cyber Warfare, Network Defense, Electronic Site Exploitation, or equivalent responsibilities.
  • Professional accreditations such as CISA or CISSP are a plus.




Additional Information

  • Limited travel: Clients are based in NYC/NJ
  • No Relocation 

All your information will be kept confidential according to EEO guidelines.
