Perform Security Program / Security Controls Reviews based on ISO 27001/27002 standards
Plan and implement Security Policy projects
Plan and execute Risk Assessments and Risk Treatment Plans
Design and implement Incident Response plans
Implement Information Security Management Systems (ISMS) based on ISO 27001
Perform HIPAA Gap Assessments
Exhibit knowledge of ISO 27001/27002 and NIST standards, demonstrating the ability to complete required work papers with detail
Contribute intellectual capital to Halock's Professional Services Framework including findings, checklists, templates, testing methods and techniques, and research
Adhere to Halock's code of conduct (http://www.halock.com/thecode.php)
Author detailed Security Program Review and other strategic reports
Present findings to C-level sponsors and executive leadership teams
The ideal candidate should have the following required skills:
Consulting experience: 3+ years
Gap Assessment experience: 3+ years
Audit experience: 2+ years
Information Security practitioner experience: 5+ years
Excellent written and verbal communication skills
Ability to multi-task without compromising deadlines and assignment expectations
Project manage client projects as well as work as a member of a project team
Strong organizational skills, including ability to work with minimal supervision
High level of initiative – a self-starter
Integrity and commitment to ethical behavior
Nice to Have Skills:
The following are nice to have but not required for the role:
PCI QSA Certification
Formal education in Information Security, Information Technology, Computer Science, Engineering or related discipline preferred
Applicable certifications such as C|EH, C|EI, CSSLP, CISSP, CISA, technical certifications such as MCSD, SCJD, SCJP, MCAD, MCPD, GIAC, GSNA, GCIH, GPEN, GSEC, GCED
Network design and implementation experience
Application development experience
Ethical hacking experience
Benefits and Extras:
Comprehensive benefits package including health, dental, 401(k), long-term disability and more
Career Roadmap Program with regularly occurring performance reviews
A culture that “invests” in its people through continued training and paid certification opportunities
Strong team culture
US citizens and Green Card Holders, EAD and TN are encouraged to apply.
We are unable to sponsor H1 candidates at this time
No 3rd parties please
Individuals only need apply
May be up to 25%, with majority of work in Chicago and Chicago suburbs
Location: Schaumburg, IL
Pay rate: Competitive base salary, based on experience
Aggressive performance-based bonus program
Halock Security Labs is a consulting boutique organization focused 100% on information security. Halock is a thought leader in this rapidly growing market space!
Halock is a hybrid services firm capable of addressing both the strategic and technical security needs of our clients. With over 400 business clients, we work in partnership with our clients to help them protect critical information assets, meet compliance needs and uphold security standards best practices.
Halock offers services in security governance and strategy, PCI compliance and validation, vulnerability assessments, penetration testing, network security architecture reviews, development of information security management systems, risk assessment, incident response planning, policy development, and security solution implementations including SIEM, DLP, and encryption. Our full-time consultants and engineers may be a part of one or more of these service offerings depending on their skills and interests.
Halock prides itself on its ability to perform in-depth security assessments across a wide range of technical environments. Tired of the plain vanilla *checklist* audit? Looking to demonstrate your assessment skills with like-minded team members? Halock has a unique, challenging and motivated environment for you to further develop your career.
Due to client demand, we are continuing to expand our consulting team. Each client engagement is assigned a dedicated and capable group of consultants, project management, resources, and tools. You will be expected to utilize your skills and abilities to satisfy the scope of the engagement within budgetary requirements.
About the Governance and Strategy Practice:
The Governance and Strategy Practice is the fastest growing business unit at Halock. With multiple ISO 27001 Certification Projects in progress in 2011, we are looking for individuals that are at the CISO level or aspire to get there quickly. Our projects span every aspect of security governance and we are looking for high impact contributors that are seeking to fast track their experience to CISO/CIO level.