Senior Consulting Engineer - Information Security Cdw
Chicago, IL

Job Description

CDW's vision is to be the best national provider of Integrated Technology Solutions. We will achieve this reputation by continuing to delight our customers and being the employer of choice for Integrated Technology Solutions. Senior Consulting Engineers at CDW are smart, hard-working Engineers who enjoy teaming with other best and brightest Engineers on highly visible, technically challenging projects and offerings. We are looking for high-caliber, well-rounded professionals who are passionate about emerging technology, projects and consulting.

Key Areas of Responsibility

* Perform and/or lead security controls assessments and security framework and compliance gap analysis projects for complex organizations; gather information about security practices and controls via interviews and documentation review, map findings and gaps to the relevant standards, provide security controls maturity and effectiveness ratings, perform risk assessments, and provide recommendations for improvement.


* Take responsibility for managing projects, including taking ownership of customer communication and coordinating internal resources.


* Provide information security consulting services to customers across many verticals. Topics to include security policy, frameworks, controls, risk assessment and information security management systems.


* Communicate security policy and technology issues verbally on both a formal and informal basis to all levels of client staff, ranging from senior executives to user representatives. Deal with client discussions in an unstructured interview environment and produce high-quality written technical documents.


* Work independently to manage and execute multiple projects in diverse customer environments, ensure that appropriate management is apprised of project status, bring projects to completion and follow up with customers regarding results.


* Gain a clear understanding of client environment, identify client needs, and effectively communicate solutions.


* Develop tools for internal team use. Actively contribute to the maintenance and enhancement of team systems and processes.


* Develop and complete an education plan to grow your skills consistent with client needs. Assist other team members with their efforts toward this goal.


* Participate in pre-sales activities, as needed, to demonstrate team competency, explain offerings, and provide guidance about engagement scope and structure.


* Conduct research on security topics, and develop tools and documentation to assist security team activities.


* Promote awareness of the team whether by building relationships with internal customers, publishing whitepapers or advisories, participating in marketing materials, or presenting at conferences.



Qualifications

Education and/or Experience Qualifications

* Bachelor degree in business, computer science, a related technical degree or equivalent


* Five years' experience in information/cyber security, particularly in the areas of GRC, controls assessment or risk assessment



Other Required Qualifications

* Minimum of two years consulting experience


* Prior work with a strong emphasis on security


* Direct responsibility for one of the following; penetration testing, policy and process design or review, forensics and incident response, application security, security administration, risk assessment, governance or compliance


* Strong knowledge of one or more of the following compliance frameworks and standards: FISMA, NIST SP 800-53, NIST CSF, NIST SP 800-30, NIST SP 800-171/DFARS, ISO/IEC 27000, HIPAA, PCI, GLBA, SOX, GDPR


* Ability to work weekends and/or off hours as necessary to meet clients' needs


* Ability to effectively communicate with clients


* Strong written and verbal communication skills with the ability to effectively interact with all stakeholders


* Proven ability to maintain and create technical documentation for the enterprise-level customers


* Strong analytical skills with the ability to demonstrate solid attention to detail and a penchant for accuracy


* History of balancing competing priorities with the ability to adapt to the changing needs of the business while meeting deadlines


* Attention to detail on inventory and logistics is critical


* Physically able to push, pull or lift up to 50 pounds of equipment. The team lift system must be utilized for loads weighing more than 50 pounds


* Ability and willingness to travel up to 50% or as needed to other CDW locations or client sites



Preferred Qualifications

* Some technical knowledge or background, such as penetration testing, application development or scripting, cyber defense, system administration, or similar


* CISSP certification and at least one other standard certification (e.g., CISA, GCIH) preferred