Apply on Employer Site

Hunter Strategy · 2 months ago

Senior Cybersecurity Consultant

United States

Full-time

Remote

Senior Level, Lead/Staff

10+ years exp

Hunter Strategy is a company that focuses on complex software engineering, cloud operations, and cyber risk management solutions. They are seeking an experienced Senior Cybersecurity Consultant to leverage their extensive experience in cybersecurity, providing strategic advice and leading security assessments for clients to enhance their security programs.

GovTechInformation TechnologyMilitarySoftwareSoftware Engineering

Growth Opportunities

Responsibilities

Lead comprehensive security assessments including risk assessments, security architecture reviews, and compliance gap analyses

Conduct security program evaluations and provide strategic recommendations for program maturity

Deliver executive-level presentations and written reports that translate technical findings into business risk

Develop enterprise-level security planning documents including incident response plans, system security plans, and business continuity/disaster recovery plans

Create security policies, standards, and procedures aligned with industry frameworks (NIST, ISO 27001, CIS Controls)

Design security architectures and roadmaps that balance risk mitigation with business objectives

Design and facilitate security tabletop exercises covering incident response, crisis management, and business continuity scenarios

Lead client workshops for threat modeling, risk assessment, and security planning

Mentor junior consultants and contribute to practice area development

Qualification

CISO/vCISO experienceSecurity frameworks knowledgeRisk management methodologiesSecurity assessments experienceSecurity documentation developmentSecurity engineering experienceCloud security experienceClient management skillsProfessional certificationsProject management skillsCommunication skills

Required

10+ years of progressive cybersecurity experience with at least 5 years in management (ideally senior or leadership) roles. CISO/vCISO experience ideal

Experience conducting security assessments across diverse environments and industries

Demonstrated ability to develop security documentation and strategic plans

Experience facilitating security exercises and delivering executive presentations

Deep understanding of security frameworks and standards (NIST CSF, NIST 800-53, ISO 27001, CIS Controls, etc.)

Broad knowledge of security domains including network security, application security, cloud security, identity and access management, and data protection

Strong understanding of compliance requirements across multiple regulations and frameworks

Expertise in risk management methodologies and security program development

Exceptional written and verbal communication skills with ability to translate technical concepts for business audiences

Strong client management and relationship-building capabilities

Excellent project management skills with ability to manage multiple concurrent engagements

Preferred

Hands-on security engineering experience including design, implementation, and configuration of security tools and technologies (SIEM, EDR, firewalls, DLP, etc.)

Penetration testing experience with knowledge of PTES, OWASP, etc

Purple team exercise experience from either offensive (red team) or defensive (blue team) perspectives

Detection engineering and threat hunting capabilities, including experience with threat intelligence and adversary emulation

Cloud security architecture and implementation experience (AWS, Azure, GCP)

Experience with security automation, orchestration, and DevSecOps practices

Incident response leadership including coordinating major security incidents

Prior consulting experience with ability to quickly adapt to various client environments

Experience in multiple industry verticals (financial services, healthcare, manufacturing, etc.)

Professional certifications such as CISSP, CISM, CISA, or equivalent a plus