Job Responsibilities:
   Perform Security Program / Security Controls Reviews based on ISO 27001/27002 standards
   Plan and implement Security Policy projects
   Plan and executive Risk Assessments and Risk Treatment Plans
   Design and implement Incident Response plans
   Implement Information Security Management Systems (ISMS) based on ISO 27001
   Perform HIPAA Gap Assessments
   Exhibit knowledge of ISO 27001/27002 and NIST standards, demonstrating the ability to complete required work papers with detail
   Contribute intellectual capital to Halock's Professional Services Framework including findings, checklists, templates, testing methods and techniques, and research
   Adhere to Halock's code of conduct (http://www.halock.com/thecode.php)
   Author detailed Security Program Review and other strategic reports
   Present findings to C-level sponsors and executive leadership teams

Critical Skills: 
The ideal candidate should have the following required skills:
   Consulting experience: 3+ years
   Gap Assessment experience: 3+ years
   Audit experience: 2+ years
   Information Security practitioner experience:  5+ years
   Risk Assessment
   Policy Development
   Incident Response
   ISO 27001/27002
   NIST
   HIPAA
   Excellent written and verbal communication skills
   Ability to multi-task without compromising deadlines and assignment expectations
   Project manage client projects as well as work as a member of a project team
   Strong organizational skills, including ability to work with minimal supervision
   High level of initiative – a self-starter
   Integrity, and commitment to ethical behavior


Nice to Have Skills: 
The following are nice to have but not required for the role:
   Government regulations
   DIACAP
   FISMA
   PCI QSA Certification
   Formal education in Information Security, Information Technology, Computer Science, Engineering or related discipline preferred
   Applicable certifications such as C|EH, C|EI, CSSLP, CISSP, CISA, technical certifications such as MCSD, SCJD, SCJP, MCAD, MCPD, GIAC, GSNA, GCIH, GPEN, GSEC, GCED
   Network design and implementation experience
   Application development experience
   Ethical hacking experience
Benefits and Extras:
   Comprehensive benefits package including health, dental, 401(k), long-term disability and more
   Career Roadmap Program with regularly occurring performance reviews
   A culture that “invests” into their people through continued training and paid certification opportunities
   Strong team culture

Contact: careers@halock.com
US citizens and Green Card Holders, EAD and TN are encouraged to apply.
We are unable to sponsor H1 candidates at this time
No 3rd parties please
Individuals only need apply

Travel required:
May be up to 25%, with majority of work in Chicago and Chicago suburbs

Telecommute: No

Date:  5/19/2010

Location: Schaumburg, IL

Pay rate: Competitive base salary and based on experience
Aggressive performance based bonus program



About Halock:
Halock Security Labs is a consulting boutique organization focused 100% on information security.  Halock is a thought leader in this rapidly growing market space!

Halock is a hybrid services firm capable of addressing both the strategic and technical security needs of our clients. With over 400 business clients, we work in partnership with our clients to help them protect critical information assets, meet compliance needs and uphold security standards best practices.
Halock offers services in security governance and strategy, PCI compliance and validation, vulnerability assessments, penetration testing, network security architecture reviews, development of information security management systems, risk assessment, incident response planning, policy development, and security solution implementations including SIEM, DLP, and encryption. Our full-time consultants and engineers may be a part of one or more of these service offerings depending on their skills and interests.
Halock prides itself on its ability to perform in-depth security assessments across a wide range of technical environments. Tired of the plain vanilla *checklist* audit? Looking to demonstrate your assessment skills with like-minded team members? Halock has a unique, challenging and motivated environment for you to further develop your career.
Due to client demand, we are continuing to expand our consulting team. Each client engagement is assigned a dedicated and capable group of consultants, project management, resources, and tools. You will be expected to utilize your skills and abilities to satisfy the scope of the engagement within budgetary requirements.
About the Governance and Strategy Practice:
The Governance and Strategy Practice is the fastest growing business unit at Halock.  With multiple ISO 27001 Certification Projects in progress in 2011, we are looking for individuals that are at the CISO level or aspire to get there quickly.  Our projects span every aspect of security governance and we are looking for high impact contributors that are seeking to fast track their experience to CISO/CIO level.