Consultant, Cyber Advisory
Job Title: Consultant, Cyber Advisory
Location: Remote (within a 50 mile radius of Columbia, MD, Hybrid-Remote and with travel requirements of up to 40%)
Role: Full time
Compensation Range for this position is: $60K-$160K annually
About Surefire Cyber
Surefire Cyber delivers swift, strong responses to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities. We provide clients confidence by helping them prepare, respond, and recover from cyber incidents—and to fortify their cyber resilience after an incident.
You are a highly motivated cybersecurity professional with domain knowledge and experience in cybersecurity, enterprise IT architecture, enterprise risk management, cybersecurity assessments, SOC operations, incident response, computer forensics and security training services. You enjoy working in a fast paced, start-up organization that has a meaningful impact to clients through supporting their journey to cybersecurity maturity.
Your knowledge of the current IT and ICS threat landscape, enterprise IT and client-facing experience drives your passion for continuous improvement of client cybersecurity controls. You have great communication skills, relationship management abilities and stay on top of emerging cybersecurity trends to provide well-informed cybersecurity advisory services to clients on the ever-evolving cybersecurity landscape.
Surefire Cyber is actively seeking a Consultant for our Cyber Advisory Group. This opportunity is a full-time position remote opportunity on our team that comes with a team-first culture, a competitive salary, equity in the company, excellent benefits, and continuous encouragement to learn.
In this role, you will represent Surefire Cyber as a technical and consulting resource for clients in a wide range of industries, dealing with problems related to cloud security, Privileged Access Management (PAM), Identity and Access Management (IAM) – leveraging your knowledge and skills to deliver cybersecurity solutions and services to clients preparing for or recovering from cyber incidents.
The Cyber Advisory Consultant will work on remote and onsite client-facing engagements to provide proactive incident response services. You will serve in a collaborative environment with our team and our partners to support our clients through preparation for and recovery from an incident to help them become more resilient.
High Level Responsibilities
- Be willing to learn and share your best ideas (good or bad).
- Build professional relationships and communicate effectively with clients to advise and assist them in building cybersecurity maturity and resiliency within their organization.
- Proactively share and communicate insights and provide well thought out research-based recommendations to improve client’s cybersecurity posture with a clear understanding of budget and manpower constraints.
- Actively assist in the planning, development, and on-site delivery of Incident Response Table-Top Exercises.
- Assist the Director of Advisory Services in scheduling, planning and documenting client engagements.
- Review and document shortcomings in client Incident Response Plans (IRP), Incident Response Playbooks, Business Impact Analysis (BIA), Disaster Recovery Plans (DRP) and Business Continuity Plans (BCP).
- Assist in the conduct of Cybersecurity Improvement Plans and Cybersecurity Assessments.
- Perform on-site forensic collection of laptops, desktops, servers, cell phones and lab equipment.
- Formulate and deliver verbal and written analysis of cybersecurity concepts and processes to clients in manner that can be easily consumed by technical and non-technical audiences.
- Contribute to Cyber Advisory Group process development, enhancement, and maintenance of documentation.
- Participate as an active team member of the Surefire Cyber, Cyber Advisory Group and collaborate closely with other internal stakeholders and functional areas such as the Digital Forensics and Incident Response consulting services, IT, Marketing, and Cyber Solutions to deliver resilience management solutions to clients.
- Relevant and practical work experience or training in enterprise IT operations, enterprise IT architecture, security assessments or audit.
- Computer forensics experience or training or Research Integrity sequestration experience forensics training is a plus. Should be at least minimally functional in a Microsoft Windows, Linux, Apple OSX, Apple IOS and Android environment.
- Experience or training in incident response, computer forensics, cybersecurity assessment or audits, or risk management planning.
- Knowledge of enterprise IT, cybersecurity frameworks, risk management processes, and common threat actor Tactics, Techniques and Procedures (TTP).
- Must have strong writing skills and be able to draft security assessment reports, incident reports, and training materials.
- Eagerness to learn from team, grow your knowledge, and teach your colleagues.
- Provide after-hours support and be available travel as needed (some weekend travel is involved).
- Submit interest and resume to email@example.com
- Preliminary phone interview with the Chief People Officer (approx., half an hour)
- Virtual/Teams interview with hiring leader/Chief Operating Officer (COO) and Director, Cyber Advisory Services, (approx., 45 minutes)
Benefits of Joining Surefire Cyber
- Competitive pay and equity for all employees.
- Remote work options.
- Flexible PTO, sick, holiday, and paid parental leave for all employees.
- Comprehensive health, vision, dental, 401K matching program, disability, FSA, HSA, Life and AD&D benefits.
Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.