In order to address the most critical needs of our clients, RSM US LLP has established the Security and Privacy Risk Consulting group, comprised of more than 150 professionals dedicated exclusively to serving the cyber security needs of our clients. This group includes experienced consultants located throughout the country dedicated to helping clients with preventing, detecting, and responding to security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise within areas of security testing, architecture, governance, compliance, and digital forensics.

We are seeking an experienced Consultant to join our Security Risk and Privacy group residing under our Risk Advisory consulting team. Our practice is made up of individuals able to contribute tangible value to our clients in the areas of security assessments, incident response, network vulnerability testing, IT risk assessments, and cyber program maturity recommendations.

Responsibilities:
- Perform assessments against a variety of regulatory and industry standards such as PCI, FFIEC, ISO 2700X, NIST sp800-53, NIST CSF series, FISMA, FedRAMP, HIPAA, and NERC/CIP
- Perform vulnerability assessments and penetration testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures utilizing commercial and open source security testing tools
- Generate precise written and oral reports and professional communication for senior level review and client-facing in support of various projects
- Facilitate communication and coordination between clients, client internal and external counsel, and law enforcement entities
- Ability to identify cyber security risks and remediation tasks of networks, computer systems and program maturity
- Assist with the development and delivery of remediation recommendations for identified findings
- Identify and clearly articulate (written and verbal) findings
- Help identify improvement opportunities for assigned clients

Required Qualifications:
- This position is for individuals with 2 - 5 years of hands-on technical and consulting experience in one or several of the following - Vulnerability and network penetration testing, Security maturity assessments, Cyber Security and Privacy frameworks, and Regulations and controls mapping for HIPAA, NY DFS 500, NIST 800-53 and NIST CSF
- Bachelor's degree in computer science or related field from an accredited college/university
- PCI QSA, CRISC, CISSP, CISA, CEH or equivalent certifications are desired
- Ability to travel as needed
- Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices
- Strong verbal and written abilities and multitasking and project management skills

Preferred Qualifications:
- In-depth healthcare industry knowledge
- In-depth knowledge of the security and privacy provisions of a variety of regulations and standards such as PCI, NERC/CIP, HIPAA, HITRUST, FFIEC, FDIC, ISO 27000 series, NIST sp800 series, NIST CSF etc.
- Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.)

You want your next step to be the right one. You've worked hard to get where you are today. And now you're ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you'll move quickly along the learning curve and our clients will benefit from your fresh perspective.

RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit rsmus.com/aboutus for more information regarding RSM US LLP and RSM International.