Security Delivery Consultant / Virtual CISO

The role of the Security Delivery Consultant / Virtual CISO (vCISO) provides the expertise required to properly scope and deliver technology solutions and services to our clients.  They work closely with the sales organization, pre-sales architects, and our client base to define each service opportunity while adhering to industry and manufacturer best practices. The consultant will help deploy solutions in client environments and provide knowledge transfer as well as aid as necessary to resolve any existing issues or problems that the client is faced with.

The Security Delivery Consultant / vCISO will:

• Perform security and/or risk assessments in a fast-paced environment along with providing timely and practical recommendations to mitigate the identified risks
• Performssecurity and/or risk assessments aligned with industry standards (ISO 27001/2, NIST, CIS, PCIDSS, FISMA, SOX, GLBA, MITRE ATT&CK), regulatory requirements, and best practices
• Perform maturity assessments in cyber security and information technology
• Participate in discovery workshops with other consultants and key stakeholders, both in IT and other business units
• Develop collateral, participate in client presentations, and provide knowledge transfer
• Lead security training events and sessions for end user organizations
• May require vendor specific certifications to support partnership requirements

Requirements

• Bachelor’s degree in Computer Science, Management Information Systems, Information Technology, Engineering, Mathematics, or a related field
• At least three years of experience in security assessments (Third Party Security Risk Assessments, ISMS/NIST Assessment, SOC 2 Type 2 Assessment, Enterprise Risk Assessments, Configuration Review, Architecture Review, Controls Review)
• Has working experience in Data Privacy (PDPA, GDPR, DPA of 2012) and Security Awareness and Training
• Strong knowledge in IT Audit/Assessments and/or Maturity Assessments
• Strong knowledge on information security standards and guidelines such as ISO 27001/2, NIST, CIS, PCI DSS and HIPAA
• Understanding of technology (cloud, servers, storage, virtualization, etc.) best practices
• Preferably has at least one of the following certifications:
  • ISC2 CISSP
  • ISACA CISA or CRISC
  • SANS GIAC
  • Relevant certifications for PCI DSS, HITRUST, and other industry security standards/guidelines
• Good analytical, communication, interpersonal, and presentation skills

Work Location 

• Based in Minneapolis, MN or hybrid work location with some travel (25%)

Reporting Relationships

• Reports to the Chief Information Security Officer

Evolving Solutions is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

DO THE RIGHT THING

Do what is right every day. Your personal integrity and the reputation of Evolving depends on this.

BE A TEAM PLAYER

Evolving Solutions is better when everyone is together. The ability to solve problems as a team for our clients and partners is Evolving Solutions’ strength and differentiation.

BE HUMBLY CONFIDENT

Possess knowledge and experience to deliver at the highest level, while maintaining the willingness to learn more and the humility to recognize you will never know it all.