Aon is looking for a Vice President, Security Advisory Services
As part of an industry-leading team, you will help empower results for our clients by delivering innovative and effective solutions supporting Risk.
Aon's Cyber Solutions' Security Advisory team is a trusted adviser to the world's most sophisticated organizations to help them protect their most important assets and continually improve their approach to cyber risk. We assist our clients in establishing optimized Cybersecurity programs and controls through a wide-range of advisory services engagements. Our team comprises a collection of bright minds across all domains of cybersecurity, including security architecture, risk management, security governance, controls, compliance, infrastructure, network, and cloud security. Many members of our practice are also Certified Information Systems Security Professionals, Certified Information Systems Auditors, and/or Information Privacy Professionals.
We are ISO 27001 certified across multiple service lines (cyber resilience and digital forensics) in seven U.S. cities and the UK, where we have also obtained Cyber Essentials certification. Additionally via our Gotham Digital Science subsidiary, we are certified to offer the industry leading CREST (the Council of Registered Ethical Security Testers), STAR (Simulated Target Attack and Response), and CBEST cybersecurity testing services.
This role will be part of a cross-functional Proactive Security Services team that manages, executes, and delivers various Security Advisory engagements for our clients.
The responsibilities of this position include but are not limited to the following:
* Build and lead teams of consultants in performing cyber security consulting engagements.
* Manage and lead delivery of various client engagements, ensuring engagement
* Assist with various practice development and client engagement pursuit initiatives, including the development of client engagement proposals.
* Assess and investigate client IT security programs and environments via interviews and technical information analyses.
* Understand existing client processes and controls and associated risks with respect to electronic and non-electronic information security.
* Develop client security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.
* Architect and design of security solutions (SIEM, IDS, etc.) for client environments.
* Develop Information Security Plans and Policies, customized to client requirements and risk profile.
* Develop incident response plans and procedures, and advise clients on steps to achieve incident response readiness (logging and monitoring configurations, triage and escalation procedures, wider stakeholder liaison, etc.)
* Advise clients on the implications of GDPR and other data privacy matters from a security perspective.
* Provide recommendations on IT solutions to help clients manage information security risk.
* Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models.
* Document results of security risk analyses and formally present to clients.
* Formulate executive level recommendations related to Information Security strategy.
* Understand current regulatory environment and related implications to security management compliance.
* Enhances team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
* Track emerging security practices and contribute to building internal processes.
* The ideal candidate would have 7+ years in progressively sophisticated roles in information security consulting coupled with demonstrable experience in various Cybersecurity domains, including risk management, compliance, security strategy, security engineering, and/ or operations.
* The position requires a strong, diverse technical background and truly exceptional oral and written communications skills.
* The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues.
* This position requires handling multiple engagements with overlapping deadlines. A demonstrated ability to write clear, coherent and precise reports on a multiplicity of complex technical issues is essential.
* A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.
* The ability to travel is required.
* Security certifications (CISSP, CISA, CISM, GIAC, OSCP) a plus.
We offer you
A competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.
Our Colleague Experience:
From helping clients gain access to capital after natural disasters, to creating access to health care and retirement for millions, Aon colleagues empower results for our clients, communities, and each other every day. They make a difference, work with the best, own their potential, and value one another. This is the Aon Colleague Experience, defining what it means to work at Aon and realizing our vision of empowering human and economic possibility. To learn more visit Aon Colleague Experience.
Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance.
Aon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, or domestic partner status. Aon is committed to a diverse workforce and is an affirmative action employer.
DISCLAIMER: Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.
About Stroz Friedberg
GLOBAL LEADERS in DigitalForensics, IncidentResponse, SecurityScience, Intelligence, Investigations, DataDiscovery, ForensicAccounting & Compliance.