- Job Title
- Senior Consultant
- Job ID
- Work From Home,
- Other Location
About the Role
As a Consultant, you will support clients in assessing, developing, and implementing comprehensive risk assessment programs. This position will be accountable for the execution of IT risk-based audit approaches through use of our internally developed methodologies and will have responsibilities to lead key IT risk activities during performance of fieldwork.
The Ideal Candidate
Someone who can lead consulting engagements including but not limited to: IT GCC audits, network / infrastructure audits, datacenter audits, privacy compliance (GDPR, Privacy Shield) audits, Service Organization Controls (SOC2) audits etc. Ability to analyze data to identify themes and irregularities when conducting assessments and determine the root cause(s) of problems; break down complex issues, identify solutions, and provide supporting rationale. Additionally, be able to write and deliver reports detailing your findings and associated recommendations to help the client address risks and to meet security and compliance standards.
- Bachelor's degree in business, technology, or information security-related field or equivalent work experience with medical devices and/or information security.
- 2+ years of practical IT audit, cyber or data privacy consulting experience.
- Familiarity with Security Knowledge Frameworks (ISO, NIST, COBIT, OWASP).
- Proficiency with IT General Computer Controls (ITGCC) testing including IT SOX.
- Understanding of regulatory requirements, i.e. SOX, PCI, HIPAA, GLBA, FIPS, NIST, SOC, etc.
- Hands-on experience with GRC, and CRM technologies, i.e. SAP, Oracle, Archer, Salesforce.
- Familiarity with controls for networks, operating systems, distributed and mainframe environments is also required to be successful in the position.
- Strong technical, leadership, analytical/critical thinking, decision-making, and problem-solving skills.
- Strong written and verbal communication skills and the ability to communicate complex technical concepts and solutions.
- Comfortable working in ambiguous and/or undefined situations.
- Must be available for regular travel.
- Relevant risk and/or security certification(s) preferred (CISSP, CISA, CISM, C-Risk or equivalent).
CynergisTek is a top-ranked cybersecurity and information management consulting firm dedicated to serving the healthcare industry. CynergisTek offers specialized services and solutions to help organizations achieve privacy, security, compliance, and document output goals. Since 2004, the company has served as a partner to hundreds of healthcare organizations and is dedicated to supporting and educating the industry by contributing to relevant industry associations.
CynergisTek is an equal opportunity employer and values diversity. All employment is decided based on qualifications, merit, and business need. EOE/M/F/D/V.
CCPA Privacy Notice