Security Advisor – Control Assessor

This is a fully remote position, open to applicants in South Carolina.

📋 Description

• Conduct control gap evaluations to assist organizations in identifying deficiencies within client security programs.

• Execute project management responsibilities to guarantee timely delivery of assessments that align with client requirements.

• Detect shortcomings in desired control implementations and propose suitable recommendations for clients based on recognized regulatory frameworks and intended controls.

• Assess the effectiveness of information system security controls.

• Carry out comprehensive audit-like evaluations in accordance with cybersecurity-related standards.

• Examine documentation and evidence submitted to confirm compliance with established cybersecurity frameworks.

• Create and review policies, procedures, and related documents to ensure alignment with control frameworks.

• Compose clear and well-organized reports detailing observations and strategic recommendations, tailored to the audience level.

• Identify cybersecurity-related regulatory obligations (e.g., PCI-DSS, HIPAA, CCPA, GDPR, NYDFS) along with compliance gaps, and formulate strategic plans to achieve and sustain compliance.

• Collaborate closely with clients and the Soteria team to develop remediation strategies to help clients reach their objectives.

• Document and convey findings and recommendations to clients, including C-Suite and board-level executives, in a professional manner.

• Assist the project team with quality assurance reviews of deliverables.

• Maintain relationships with clients after assessments to provide ongoing support and advice as they enhance their security measures.

• Stay updated on security trends, technologies, and practices through self-education and participation in industry events.

• Conduct interviews with clients and the Soteria team to assess a client’s IT environment and security protocols.

• Evaluate and research common business platforms and technologies to offer recommendations for secure configurations.

• Uphold the integrity and confidentiality of sensitive client information.

⛳️ Requirements

• Over 5 years of industry experience with a solid understanding of the cybersecurity landscape.

• At least 2 years of experience in a cybersecurity consulting role, specifically in conducting IT audits or assessments.

• Familiarity with cybersecurity frameworks including NIST CSF, CMMC, ISO 27001, and CIS Controls.

• Relevant certifications such as CISSP, CISM, CISA, etc.

• Strong proficiency in Microsoft Suite, with advanced Excel skills being a plus.

• Candidates must be legally authorized to work full-time in the United States and capable of passing a background check.

🏝️ Benefits

• Soteria is an Equal Opportunity Employer.

• Competitive salary accompanied by health insurance and retirement plans.

• Opportunities for professional development.