Department: Engineering
Location: Bellevue, WA
Date Open: 2010-06-25
Summary Job Description
This is a highly visible position responsible for practice and business development in the area of risk and compliance solutions. As a Principal Security Consultant you will be part of the NCA Professional Services team providing solutions to our customers including pre-sales, discovery interviews, security risk assessments and audits, as well as technical implementation, analysis and troubleshooting of security-related technologies. This position will work closely with the customer and NCA team to obtain requirements for the design, development, integration, and implementation of network architecture and/or information security management systems. This position requires extensive knowledge of security concepts and architecture, technical auditing techniques and standards, as well as a strong background in, and knowledge of, a variety of compliance mandates. This function also requires excellent communication skills over the phone and by email, with the ability to correctly convey solutions to more or less knowledgeable customer contacts.
Primary Job Responsibilities
Architect and propose business and security solutions, along with implementation of services, that meet the customers' business and technical needs
Build in-depth knowledge of customers' technical priorities, challenges and initiatives - map those needs to NCAPS core offerings and competencies
Ensure that proposed solutions, when implemented, meet the needs and functional requirements of the customer
Perform and/or oversee the discovery, analysis and remediation of technical, administrative and detective controls for NCA customers
Identify gaps, strategic impacts, financial impacts and the risk profile related to the technical solution or offering
Facilitate communication and work effectively with other groups at NCA to accomplish division goals/objectives
Responsible for staying current with regulatory and compliance requirements for GLBA, SOX, HIPAA, PCI, SB6043, CA1386, etc.
Provide concise analysis reports and recommendations for customers in a timely manner
Develop programs/projects to productize services and offerings into the NCA business model, defining new operational programs and metrics as needed
Translate customer needs into functional design requirements, including mockups, use cases, and briefings
Perform security research regarding emerging threats, vulnerabilities, liabilities and other risks for ISMS customers in both standard and regulated industry environments
Travel Required
Other duties as requested
Minimum Requirements
Experience:
15+ years proven success providing network infrastructure support (architecture design, routers, switches, firewalls, DNS, BGP, DHCP, IDS, Email, capacity planning, network management and escalation troubleshooting) within an enterprise environment
5+ years in a consulting services role
5+ years experience implementing information security solutions (firewalls, encryption, IPS, mail and web filtering, two-factor authentication)
5+ years experience with gathering client business, technical and functional requirements
3+ years experience addressing compliance requirements including GLBA, Sarbanes-Oxley, PCI, HIPAA, FISMA, NERC/FERC, ISO 27001, CoBIT, etc.
2+ years analyzing and documenting business processes.
2+ years experience in conducting business and compliance risk assessments
2+ years experience with IT project or program management, including leading cross-functional teams and activities
Experienced in developing security policies/standards to address contractual issues as well as legal and regulatory requirements
Skills:
Provides sales support and lead proposal scoping with Account Teams, Managers, and Consultants to produce quality proposals
Partners with the assigned account executives to drive follow-up on opportunities within active accounts
Applies advanced principles, theories, and concepts. May be regarded as 'in-house' expert on specific technologies. Contributes to the development of innovative principles and ideas
Contributes to proposals and reports, interfaces with C-level executives and Sales teams to ensure a successful experience for customers and NCA
Strong, creative problem-solving and analytical thinking
Willing to accept new challenges and learn in new areas
Flexible and responsive to changing situations; adaptable
Able to work independently and in a team environment
Able to convey technical information to non-technical individuals
Excellent oral and written communication skills, with the ability to interface and communicate effectively at the executive level (e.g. CIO, CFO, CSO)
Excellent consulting and interpersonal skills
Possession of excellent risk assessment, negotiation, and problem resolution skills
Able to think critically and analytically in an enterprise architecture environment
Able to be a self-starter that can operate in a fast-paced environment with quick turnarounds, changing requirements, and weekly deliverables
Building strong relationships through quality work and thought leadership within customer organizations to assist with driving add-on business and long-term partnerships
Participate as a project team member with the development of strong deliverable content in order to drive solid recommendations for customers
Participate in the analysis, design and implementation phases of a project to provide value and expertise to the project team when developing final deliverables
Collaborate closely with the Account Managers and project team members in identifying and closing additional revenue opportunities and creating reference accounts
Contribute high quality collateral to the consulting team’s knowledge base
Required Certifications
Certified Information Security Systems Professional (CISSP) or
Certified Information Security Manager (CISM)
Desirable Certifications