
Principal Security Consultant
Posted 1 day ago

This is a fully remote position, open to applicants in New Jersey, +4 more states.
• The Principal Consultant serves as a technical advisor responsible for developing, mentoring, and training the Professional Services team, which includes overseeing their onboarding and ensuring their expertise on service offerings is current.
• This position supports Delivery Management and Resource Management to meet delivery Theatre objectives and revenue goals, while also managing client escalations through communication between the delivery team and other Tenable departments.
• Furthermore, the Principal Consultant aims to enhance Tenable Subk partners through training and certification onboarding and seeks avenues to improve the Professional Services structure via training tutorials and the development of new methodologies.
• This role also encompasses some client billable work, shared alongside the aforementioned responsibilities.
• Over 12 years of experience in the Information Technology/Cyber Security sector, alongside professional services expertise.
• A Bachelor’s degree in a relevant technical field such as Information Technology, Computer Science, or equivalent professional experience.
• Exceptional written and verbal communication skills, with comfort leading calls of 3+ hours and ensuring all pertinent topics are discussed while keeping tasks on track.
• Strong analytical and troubleshooting capabilities, with the proficiency to diagnose and resolve intricate security issues.
• Expert ability to identify, resolve, and foresee complex security challenges and risks, as well as lead resolution efforts across various client environments.
• Proficient in evaluating and recognizing threats and risks related to Exposure Management, including vulnerabilities and weaknesses in host or network configurations.
• Recent extensive experience in conducting vulnerability scans, configuration audits, and security monitoring utilizing core Tenable products or other industry solutions.
• Familiarity with Red Teaming, penetration assessments, and security testing tools such as Metasploit and Burp Suite.
• Experience in application security testing, OWASP, and common exploitable web application threats in relation to Exposure Management.
• Comprehensive knowledge of Auditing and Configuration frameworks like ISO 17799, CIS, PCI, GLBA, and HIPAA is preferred.
• Broad understanding of and experience in cyber security principles, including vulnerability management, defense in depth, least privilege, data protection, regulations, and common security controls.
• Demonstrated experience in managing client expectations, fostering relationships, and delivering consultative advice to ensure positive outcomes.
• Proven consulting skills focused on assessing and advising clients on their Exposure Management strategies.
• Experience in designing and implementing security solutions and platforms.
• A deep understanding of networking, virtualization, Linux/Unix, and Windows administration, as well as patch deployment and system configuration. While not strictly a technical role, a solid technical foundation is vital for long-term success.
• Knowledge of wireless LAN protocols and various WLAN vulnerabilities and attacks.
• Familiarity with common control systems such as firewalls, blacklists, ACLs, and common network monitoring tools like IDS/IPS.
• In-depth understanding of Patch Management, IPAM, ITSM, CMDB, and SIEM solutions as they pertain to Exposure Management.
• Experience using programming and scripting tools such as Python or PowerShell for automation and API-driven tasks.
• Experience with cloud services, common cloud infrastructure, CSPM, CIEM, IaC, containerization, and the associated risks of cloud-based and hybrid environments.
• Familiarity with Microsoft Active Directory environments, including common risks, threats, and security implications.
• Knowledge of SCADA and OT systems is advantageous for managing exposure in these contexts.
• Current security certifications such as CISSP, CISA, CISM, OSCP, or equivalent experience.
• This role is available only to US-based candidates, preferably in the US Northeast region.
• Medical, dental, vision, disability, and life insurance.
• 401(k) retirement savings plan with company match.
• Employee stock purchase plan.
• Employee referral program.
• Flexible spending accounts.
• Employee Assistance Program (EAP).
• Education assistance.
• Parental leave.
• Paid time off (PTO).
• Company-paid holidays.
• Health and wellness events.
• Community programs.