Cyber Security Consultant

Location: Minneapolis, MN Description: Our client is currently seeking a Cyber Security Consultant.We're looking for someone to Develop, design and execute critical aspects of the Enterprise Security Risk Management function. Identifies, analyzes, tracks & reports security risks via maintenance of a security risk register. Partners with the business and technology teams to understand the business technology landscape in order to facilitate discussions based on security risk. Partners with security risk assessment teams to build out risk assessments and manage findings from various security risk assessments to closure.This job will have the following responsibilities:

• Build out and maintain a security risk register that enables security risks to be identified tracked and managed at both a Business Unit & Enterprise level.
• Analyzes results from various security risk and control assessments to aggregate security risks and adjust risk ratings on a periodic basis.
• Provides process governance for findings management.
• Manages security findings from various security risk assessments as well as security findings reported by various business units.
• Communicates security risks with teams across the organization in business-friendly language.
• Mentor/coach and give work direction to Analysts & Sr. Analysts.
• Develops and gives presentations appropriate for senior level audiences.

• Bachelor's degree or higher with a concentration in computer science, technology, or business, or equivalent combination of education and experience.
• Minimum of 8 years of experience working in security (physical or cyber).
• Provide technical governance and oversight for the secure design of systems, processes, projects and changes.
• 3 years experience implementing risk management practices in an Agile/Dev Sec Ops environment
• Experience securing cloud service provider environments including IaaS, PaaS, SaaS and hybrid-cloud.
• Experience and expertise in security and lifecycle management, auditing methodology, and technology risk assessments.
• Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives.
• Ability to review security control implementations to ensure alignment with enterprise requirements
• Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives.
• Solid understanding of information security policies, standards, industry best practices, and framework (ISO 27K, NIST 800-53, FISMA, BITS etc.).
• Strong business acumen with the proven ability to bridge the gap between business and technology.