CBIZ · Tampa, FL (Remote) $175,000/yr · Full-time · Mid-Senior level
CBIZ Risk & Advisory Services offers consulting, outsourcing and co-sourcing services to public and private companies of all sizes by providing national caliber expertise combined with highly personalized service. As part of CBIZ, (NYSE: CBZ), one of the top financial services providers in the country, CBIZ Risk & Advisory Services provides internal audit, Sarbanes-Oxley compliance, cybersecurity, supply chain management, ESG and risk consulting services to leading businesses across North America.
With over 120 offices and nearly 7,000 associates throughout the U.S., CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level.
As part of CBIZ (NYSE: CBZ), one of the top financial services providers in the country, CBIZ Pivot Point Security, a business unit of CBIZ Risk & Advisory Services, provides governance, risk, and compliance (e.g., ISO 27000 series, SOC 1 & 2, CMMC, FedRAMP, NIST-800 series, etc.), cloud security, network and application assessments and penetration testing, third-party & supply chain risk management, and virtual Chief Information Security Officer services to leading businesses across North America.
We are looking for a Senior Advisory Consultant to consult and advise our clients on designing, implementing, and managing Information Security Management Systems (ISMS) to protect their organization's infrastructure and maintain compliance with various regulations, standards, and frameworks (ISO 27001, HIPAA, SOC 2, etc.). You will be responsible for working with our client's senior leadership and internal IT teams to advise and ensure security actions are evaluated, validated, and implemented as required.
To be successful as a Senior Advisory Consultant, you should have expert analytical skills and in-depth knowledge of information security practices to proactively identify and prevent a wide range of security threats in client environments. Top candidates will also be excellent communicators; training and educating our client's key stakeholders in various information security topics.
If you thrive in a dynamic environment, like challenges, and believe work and fun are not mutually exclusive, you may be the one we're looking for. We need team players who are smart and creative, love IT assurance, and want to grow with a growing company: who are as comfortable talking with senior management about certification or attestation strategies as they are with a Developer or System Administrator about securing microservices or the latest Windows’ exploit.
Essential Functions and Primary Duties:
Consulting with our client's senior management team and their internal IT departments to improve their information security posture.
Promote awareness of security issues among client management and ensure sound security principles are reflected in the organization's vision and goals.
Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Continuously validate client organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
Identify alternative information security strategies to address organizational security objectives.
Keeping up to date with developments in the threat environment, as well as privacy and security standards.
Conducting and/or participating in gap, risk, and business impact assessments.
Documenting ISMS policies and procedures, updating policies and procedures, and monitoring to ensure compliance with security policies.
Leading/overseeing third-party risk programs and assessments for clients.
Preferred Qualifications:
Personal integrity, a highly transparent nature, and a mind-set of "mutual benefit".
Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
Has very high "Self-Expectation" (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child's first school play and that it does not matter if the report gets done at 3:00 PM or 10:00 PM, if it gets done).
Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
The ability to "work from anywhere" as this role is remote/virtual in nature.
A good sense of humor and the ability to laugh at themselves.
Applicable Information Security and Technology experience to contextualize and make recommendations relevant and valuable.
Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, CCSA, MCSE, CEH, OSCP).
Experience working as a consultant managing/leading multiple client projects.
Experience authoring policies and procedures.
Experience with the myriad of regulatory compliance or privacy frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP, GDPR, CCPA).
Familiarity with related standards/frameworks (e.g., Secure Control Framework, SSAE-16 SOC1, ISO 27001, NIST 800-171, NIST CSF, CMMC, SOC2, ISO-22301, ISO-9001).
A general understanding of cyber security technologies or security issues such as: Hardware or Virtual Network Firewalls, Cloud Native Firewalls, Identity and Access Management (IAM), Zero Trust, Cloud Access Security Brokers (CASB), Secure Web Gateways (SWG), Distributed Denial of Service (DDoS) protection, Web Application Firewalls (WAF), and Network Detection and Response (NDR).
Minimum Qualifications:
Bachelor’s degree required
6 years of experience in related field
3 years of supervisory experience
Must have and preserve required licenses
Ability to manage all aspects of client engagements
Demonstrated ability to communicate verbally and in writing throughout all levels of organization, both internally and externally
Proficient use of applicable technology
Must be able to travel based on client and business needs
The estimated rate of pay for this job is $117,638 - $179,516/year, which may vary based on education, experience, geographic location, or other job-related factors.
The compensation above is not representative of an employee’s total compensation. Beyond income, you have access to: comprehensive medical and dental insurance, retirement savings, life and disability insurance, health care and dependent care reimbursement accounts, certification incentives, education assistance, referral program and much more.
CBIZ.Jobs Category: Advisory
REASONABLE ACCOMMODATION
If you are a qualified individual with a disability you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. You can request a reasonable accommodation by calling 844-558-1414 (toll free) or send an email to
EQUAL OPPORTUNITY EMPLOYER
CBIZ is an affirmative action-equal opportunity employer and reviews applications for employment without regard to the applicant’s race, color, religion, national origin, ancestry, age, gender, gender identity, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. If you would like more information about your EEO rights as an applicant under the law, please visit these following pages