S-RM is looking for a Senior Consultant to support and deliver information security and data privacy projects that include governance, risk assessment and management, incident response, and regulatory compliance. In addition to client-facing responsibilities, they are expected to contribute to business and practice development while mentoring delivery consultants as the team grows. This role is based in S-RM’s New York City office.

MAIN DUTIES AND RESPONSIBILITIES

  • Project Management
    • Assist in creating project plans and status reports
    • Own client relationships and manage expectations
    • Ensure all client contact and deliverables are of excellent quality
    • Coordinate partners, subcontractors, and other third parties as appropriate for project delivery
  • Project Delivery
    • Perform information security risk assessments
    • Support and deliver data privacy compliance programs (e.g. General Data Protection Regulation, California Consumer Privacy Act, etc.)
    • Develop and review incident response plans
    • Perform incident response tabletop exercises
    • Create and deliver client reports and presentations specifically tailored to the audience (up to and including senior management)
    • Travel to client sites as needed
  • Business and Practice Development
    • Identify opportunities to win new business from new and existing clients
    • Assist in writing proposals and letters of engagement (i.e. statements of work)
    • Attend networking events
    • Develop service offering materials (e.g. methodologies, templates, tools, etc.)

The role will be based in our New York office.

SKILLS, QUALIFICATIONS & EXPERIENCE

The qualifications and experience required to perform this role successfully are:

  • At least 2 years consulting experience
  • At least 3 years information security risk assessment experience
  • Excellent writing and presentation skills
  • Familiarity with popular security standards and frameworks (i.e. ISO 27001/27002, ISO 27005, NIST Cybersecurity Framework, NIST 800-53, etc.)
  • Familiarity with privacy regulations (GDPR, CCPA, LGPD, etc.)

Desired qualifications and experience include:

  • ISO 27001 Lead Implementer certification
  • Experience in the insurance industry
  • Experience in a fast-growing small or medium sized business
  • Knowledge of project management tools and methodologies

The individual will need to have the following key personal skills and attributes to perform successfully in this role:

  • Ability to own tasks, workstreams, and subject matters
  • Ability to work in a face-paced, unstructured environment
  • Excellent problem-solving skills
  • Ability to learn new topics quickly
  • Excellent organizational skills
  • Excellent attention to detail
  • A proven ability to work with minimal supervision
  • Ability to work under pressure and meet deadlines
  • Ability to multi-task
  • A proactive approach and a willingness to work outside the job specification when required
  • Excellent interpersonal skills

The successful candidate must have work authorization in the United States by the start of their employment.

S-RM is an equal opportunity employer. We consider all qualified candidates for employment without regard to race, creed, color, religion, national origin, sex, age, disability, sexual orientation, gender identity or expression, genetic predisposition or carrier status, veteran, marital, or citizenship status, or any other status protected by law.

S-RM nurtures a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

CONTACT

To apply for this role, please visit our LinkedIn page https://www.linkedin.com/company/s-rm/ or email your CV and cover letter to recruitment@s-rminform.com.