Senior Security Advisor - Governance

Established in 2014 and based in Charleston, South Carolina, Soteria's expertise in the cybersecurity domain is predicated upon the accumulated practical experience across all team members. Soteria's security professionals have held leading positions in private industries, state governments, and federal intelligence communities.

Driven by this combined pool of knowledge as well as the belief that “Security is for Everyone,” Soteria offers advisory services and solutions which are significantly differentiated from the security status quo. Soteria treats each client as a unique case deserving of individualized security insights and specialized hands-on assistance.


About the role

At Soteria, as a Senior Security Advisor you will make an immediate and significant impact on a growing team - protecting an ever-increasing number of clients who need assistance navigating today’s threat landscape. You will need to demonstrate and support the Soteria company culture and values by being authentic, engaged, investigative, and caring. This is accomplished through consulting with clients; collaborating with colleagues; clear, efficient, and timely communication; research on relevant security topics; and supporting team efforts for ongoing process and service improvements.

This person will work on dedicated projects to build relationships with clients, and provide detailed reports with a high level of excellence and care. Working in tandem with the client, this person will identify cybersecurity risks to an organization and determine appropriate remediation recommendations that are tailored to the unique needs of the client. Familiarity and experience with security frameworks and regulatory compliance such as NIST CSF and NIST security control frameworks, CIS, ISO 27000, HIPAA, PCI-DSS, etc. is necessary for this role. 

This person must possess a multi-faceted skill set, including experience in security program implementation, technology platforms, written report development, presentation and public speaking, strategic planning, policy and procedure development, project management, client relationship management, process improvement, and client-facing communication. 


What you'll do

  • Advisory Operations

    • Lead and perform security assessments to help organizations understand where gaps exist within their security programs and develop recommendations for remediation. 

    • Lead and participate in Advisory client projects to include client onboarding, documentation review, client interviews, presentation of findings, and report development and delivery. 

    • Work closely with clients and the Soteria team to develop deliverables to include, but not limited to:

      • executive summary reports

      • detailed findings and recommendations reports

      • presentation slide decks

      • plans of action and milestones

      • policy and procedure development

      • ad-hoc written reports

    • Provide support and guidance where necessary to Advisory team members to achieve excellence in the various business areas of Trusted Advisory and vCISO, Risk/Gap Assessments, Incident Response Readiness, Table Top Exercises, and Policy development. 

    • Conduct presentations for various types of stakeholders to include technical staff, support staff, executive team, and board of directors. 

    • Tailor communications to the client’s level of expertise, providing education and information to help them understand the bigger picture and make educated decisions.

    • Communicate with prospective and existing clients to understand their security needs and develop engagement plans to satisfy their requirements, focused on the information security aspects of the client's infrastructure. 

    • Research cybersecurity topics and provide commentary for clients. 

    • Participate with and support other Soteria business areas when needed.

    • Build and maintain close relationships with Soteria’s clients and help them understand the full scope of information available to make informed decisions about their security program.

    • Advocate for the client’s well-being, provide expert security advice, and rally internal Soteria resources for the benefit of the client.

    • Identify and assist in efforts to formalize and update client policies, procedures, and technical standards.

    • Maintain updated client profile and pertinent information in internal operational support systems.

  • Process Improvement and Growth

    • Partner with Soteria’s leadership team, service line leaders, and other Advisory members to improve service offerings. 

    • Train and mentor other employees in order to build the company's overall capacity and capability.

    • Drive innovation by participating and working with cross-functional teams and stakeholders for the development of new product offerings, roadmaps, capabilities, and services, providing key inputs to operational delivery requirements and support models.

    • Assist with advancing the maturation of our existing services by identifying and directly contributing to the creation and management of support processes, knowledge base articles, playbooks, and other documentation management as needed.

Qualifications

  • 10+ years of industry experience with a deep understanding of the cybersecurity space

  • Understanding of current information security challenges and solutions

  • Prior experience in a cybersecurity consulting role

  • Prior experience in an information technology or cybersecurity leadership role 

  • 5+ years direct experience with:

    • security frameworks such as NIST CSF, CIS Security Controls, ISO, etc.

    • industry regulatory requirements for security such as HIPAA, PCI-DSS, CJIS, SEC, GLBA, CMMC, etc.

  • Relevant certifications such as ISC² CISSP, ISACA CISM, GIAC Strategic Planning, Policy, and Leadership (GSTRT) or other relevant GIAC certification

  • Excellent written and verbal communication skills

  • Ability to self-direct work, orient to action, and truly own the position in a quickly growing and changing environment

  • Ability to translate strategic business objectives into tactical actions

Advisory

Remote (Charleston, South Carolina, US)
