Focal Point Data Risk, a CDW Company, is one that delivers a unified approach to addressing data risk through a unique combination of consulting service offerings. Focal Point has brought together industry-leading expertise in cyber security, identity governance and access management, data privacy and analytics, internal audit, and hands-on training services, giving companies everything, they need to plan and develop effective risk and security programs. By integrating these services, we provide our clients with the flexible support they need to protect and leverage data across any part of their organization. Simply put, CDW-Focal Point is the next generation of risk management.
The security industry is rapidly developing, and innovation is constant. We pride ourselves on staying ahead of the curve in delivering in-demand and creative solutions to our clients. The ideal Cyber Security Consultant (“Consultant”) will possess a broad skillset, demonstrating excellent communication and presentation skills, analytical thinking, and a desire for learning that will support sustainable career growth. The Consultant will assist with a variety of technical security assessments, including assessments of applications, databases, servers, networking devices, and security tools and software. The Consultant may also assist with PCI DSS assessments, Business Continuity and Disaster Recovery (BC/DR) assessments, and data breach preparedness reviews. The Consultant will work in close coordination with Cyber Security Practice Managers, Directors, and Principals to carry out diverse client engagements. The Consultant will often interface directly with clients; therefore, the ability to clearly articulate complex and technical results to a general business audience is paramount.
What you will get to do:
- Performing assessments of technology components, such as applications, databases, servers, networking devices (i.e., firewalls and routers), and security tools such as IDS/IPS, anti-malware, and authentication systems (e.g., Active Directory);
- Performing cybersecurity audits in a wide variety of business environments for many different engagements, including:
- Payment Card Industry (PCI) Data Security Standard (DSS) compliance;
- Cyber security assessments, in accordance with industry frameworks such as the NIST Cybersecurity Framework and ISO27001; and
- Cloud security compliance.
- Assisting clients with the performance of Business Impact Analyses (BIAs), along with the development of BC/DR Plans (BCPs and DRPs);
- Assisting organizations with all aspects of data breach response, information security, Incident Response (IR) preparation and management;
- Providing data classification services;
- Developing information technology and security policies and procedures;
- Providing clients with trusted advisory services and guidance that will reduce their organizational risk and improve their overall cyber security posture; and
- Preparing reports and other deliverables, which contain strategy, technical analysis, and findings in connection with our Practice’s advisory and assessment engagements, also communicating these results to multiple levels of clients’ management.
What you’ll need to succeed:
- 2-5 years of relevant experience in the field(s) of IT Audit, Consulting, and/or Security, Privacy or Risk Management.
- Experience performing PCI DSS assessments
- Strong critical thinking and analytical skills, demonstrating an ability to understand and communicate complex client-business processes
- Personal qualities like professionalism, attention to detail, a team-oriented focus, dedication, resourcefulness, strong organizational skills, an eagerness to learn, and grow professionally
- Ability to leverage available technical resources and tools (online and otherwise) to research and expand personal knowledge when needed
- Strong proficiency with Microsoft Windows and the Microsoft Office suite of products, (i.e., Word, Excel, Visio, PowerPoint)
Technical Skills & Proficiency
- General knowledge and familiarity with the following technologies and concepts:
- IT governance, operations, and resource planning
- Information system and security architecture, including:
- Firewalls and routers
- Intrusion detection and prevention systems
- Operating systems (e.g., Windows, Linux, Unix, iSeries)
- Remote access systems (e.g., multi-factor authentication)
- Databases (e.g., SQL, Oracle, DB2)
- Symmetric and asymmetric cryptography
- Systems Development Life Cycle (SDLC) and change management
- Information system implementation processes
- Systems administration and computer operations
- Threat and vulnerability management
- Incident response preparation and management
- Data backup and recovery practices
- Logical access controls (e.g., Active Directory)
- Degree in Computer Science, engineering, information systems or equivalent work experience is required.
Travel and Location:
- Telecommute available, with travel averaging 50%
CDW is committed to maintaining a workplace that is free of known hazards and to ensuring the safety, health, and well-being of coworkers and candidates for employment and their families, as well as the community.
CDW requires all coworkers be fully vaccinated against COVID-19, with the only exceptions being a documented, legally required medical or religious accommodation. Prior to starting with CDW, successful candidates will be required to: (i) be fully vaccinated against COVID-19 and provide CDW with proof of full vaccination; or (ii) apply for and receive a medical or religious-based accommodation to be exempt from the mandatory vaccination policy.