Principal Security Consultant, Governance (Remote)
Posted on: November 14, 2022
SEIZE THE OPPORTUNITY TO BE A PART OF SOMETHING GREAT!
Presidio is on the leading edge of a technology-driven movement to
transform the way business is done, for our customers and our
customers' customers. Joining Presidio means immersing yourself in
a culture of self-starters, collaborators and innovators who make
real, lasting change in the marketplace via cutting-edge technology
and business solutions. At Presidio, we know that it's our people
that make the connections happen.
WHY YOU SHOULD JOIN US? You will set your career on track for
outstanding achievement with a company that knows no limits.
Presidio is a leading global digital services and solutions
provider focused on Digital Infrastructure, Business Analytics,
Cloud, Security & Emerging solutions.
THE ROLE: Principal Security Consultant, Governance
As a Principal Security Consultant, you will possess a deep level
of expertise and vast knowledge base in core information security
governance, risk, compliance, and privacy domains. It is critical
that a Principal Security Governance Consultant be able to present
complex solutions and topics in a concise manner. The consultant
must be comfortable blending multiple service offerings and
deliverables into a single aggregate final risk report/deliverable
and executive presentation for audiences of all levels and
The ideal consultant will have experience in reviewing,
understanding and interpreting risk management and compliance
frameworks, security standards, and privacy models. The consultant
must have a professional and practical understanding of Information
Technology, including how technical and administrative controls are
implemented across various industry verticals and company sizes.
The candidate should be well versed in assessing said controls,
understand how controls should be governed, and be able to assist
in the strategic development of aligning security goals to business
objectives. This is a customer-facing role.
This is a hybrid role. You will be remotely based with required
travel to client locations to deliver professional services when
needed (average of 25-30%).
- Lead customer engagements and project execution providing
information security consultation and assessment services, helping
our clients meet their compliance obligations by evaluating their
business, technology, and operations against industry security
- Educate, mentor, advise, and share your expertise with clients
and colleagues to aid in making decisions on topics like
organizational security strategy and services scope as well as
provide consultative guidance on complex projects.
- Providing clear, organized findings and recommendations to
clients and tracking progress towards resolution and
- Consult/advise with C-level Security Leaders (CISO, CSO, CIO,
etc.) and the Board of Directors with our most valued and strategic
- Develop strategic, operational, and tactical recommendations
tailored to each customer with the intent to improve a customer's
security posture and compliance position.
- Create detailed strategic security roadmaps with short-term,
mid-term, and long-term goals that prioritize remediation
recommendations and address all instances of non-compliance with
applicable regulatory, statutory, contractual, and organizational
- Lead large security engagements in concert with other
cybersecurity practices and Presidio teams.
- Develop security policies, standards, and procedures that are
custom-tailored to each customer's unique culture, security goals,
and organizational objectives using industry best practices and
- Review, analyze, and assess key factors, including inherent
risk, mitigating controls, business impact, likelihood, and other
key elements to determine organizational security risk.
- Ensure and assess customer alignment to, and/or compliance
with, applicable regulatory, federal, state, local, contractual,
and organizational requirements and best practices standards such
as ISO 27001, NIST CSF, PCI DSS, HIPAA, FERPA, NIST 800-171, CMMC,
- Work closely with organizations to conduct security program
development by establishing the foundation for a best of breed
security program architecture reference model using industry
frameworks and standards such as ISO 27001, NIST 800-53, NIST Cyber
Security Framework (CSF), etc.
- Work with other seasoned Principal Security Consultants in a
collaborative setting to support and assist in the execution and
delivery of key services such as Cloud Governance, Advisory
Services, security program development, documentation review, and
security consulting services.
- Assist practice Directors in cybersecurity administrative
functions, such as documentation maintenance, documentation
creation, peer review, and other internal cybersecurity
- Ability to travel up to 30%.
- Previous professional experience providing consultative
- Strong professional expertise in information security with the
ability to thoroughly understand complex principles and apply them
- Comfortably present security concepts and/or findings to both
highly technical and entirely non-technical audiences.
- Ability to manage multiple tasks and responsibilities, work
alone or in small teams, achieve established goals and objectives,
and communicate progress in a timely manner.
- Must be analytical, innovative, and possess a strong sense of
attention to detail.
- Strong cross-functional team participant and collaborative
approach to problem-solving.
- Manage and guide engagement members to engagement
- Prior experience working closely with customers and
collaborating with IT staff is a plus.
- Strong verbal and written communication skills, organizational
skills, and attention to detail.
- Ability to work collaboratively or independently as required by
a given situation.
- Ability to manage multiple and changing priorities and
- Ability to be flexible and embrace change.
- Self-motivated and self-directed.
- Self-starter with the ability to manage their own tasks into a
larger project or program effort.
- Ambitious and goal-oriented, with the initiative to work until
the job is complete.
- Working knowledge of Security Testing and Audit Platforms
(Nessus, NMAP, etc.).
- Working knowledge of host/network common vulnerabilities and
exploits (CVEs, IAVAs, etc.), hacker methodologies and tactics, and
the tools used.
- Experienced in using the Microsoft Office Suite (Word, Excel,
Additional Desired Skills:
- Ability to work closely with cross-functional departments
within Presidio and the customer.
- Willingness to learn from our close-knit group as well as
contributing thoughts, tools, industry news, or lessons
- Desire to grow the business by identifying up-sell
opportunities with existing and potential clients.
- Experience with project deliverables from a VAR/Integrator is
- Ability to maintain tact, composure, and professionalism in an
interrupt-driven environment and/or when challenged by
- Cloud Security Knowledge is a plus in AWS and Azure
- Bachelor's Degree or the equivalent work experience and/or
military experience (Bachelor's Degree Information Security, IT,
Computer Science, or Engineering is highly preferred).
- Minimum of 5-10 years of conducting Information Security risk
and compliance assessments.
- 3-5 years of evaluating compliance with regulatory and key IT
standards such as HIPAA/HITECH, PCI DSS, NIST CSF, ISO 27001,
GDPR/CCPA, NERC CIP, and other similar standards/frameworks.
- Strongly prefer candidates with payment card (QSA, PCI DSS,
PA-DSS, P2PE, PFI), financial (GLBA, SOX, SSAE 18), and/or health
care (HIPAA/HITECH) experience.
- Current information security certifications such as CISM, CISA,
CISSP, ISO 27001 LI, are preferred.
Presidio is committed to Diversity, Equity, and Inclusion at the
highest levels and has strengthened its drive to build and drive
systemic DE&I change process across all levels of the
organization, cultivating a culture of inclusion where the
expression of all our differences is valued, celebrated, and adds
to our collective achievements.
Presidio is a global digital services and solutions provider
accelerating business transformation through secured technology
modernization. Highly skilled teams of engineers and solutions
architects with deep expertise across cloud, security, networking
and modern data center infrastructure help customers acquire,
deploy and operate technology that delivers impactful business
outcomes. Presidio is a trusted strategic advisor with a flexible
full life cycle model of professional, managed, and support and
staffing services to help execute, secure, operationalize and
maintain technology solutions. We serve as an extension of our
clients' IT teams, providing deep expertise and letting them focus
on their core business. Presidio operates in 40 US offices and
offices in Ireland, London, Singapore, and India.
For more information visit:
Presidio is an Equal Opportunity / Affirmative Action Employer /
VEVRAA Federal Contractor. All qualified candidates will receive
consideration for this position regardless of race, color, creed,
religion, national origin, age, sex, citizenship, ethnicity,
veteran status, marital status, disability, sexual orientation,
gender identification or any other characteristic protected by
applicable federal, state and local statutes, regulations and
To read more about discrimination protections under Federal Law,
If you have any difficulty using our online system and need an
accommodation in the job application process due to a disability,
please send an email to ...@presidio.com for assistance.
Presidio is a VEVRAA Federal Contractor requesting priority
referrals of protected veterans for its openings. State Employment
Services, please provide priority referrals to ...@presidio.com
RECRUITMENT AGENCIES PLEASE NOTE:
Agencies/3rd Parties may not solicit to any employee of Presidio.
Any candidate information received from any Agency/3rd Party will
be considered a gift and property of Presidio, unless the Agency/3rd
Party is an Authorized Vendor of Presidio with an up-to-date
Presidio Contract in hand signed by Presidio Talent Acquisition. No
payment will be made to any Agency/3rd Party who is not an
Authorized Vendor, nor has specific approval in writing from
Presidio Talent Acquisition to engage in recruitment efforts for