Information Security Engineer
Company: Public Consulting Group
Posted on: March 19, 2023
Public Consulting Group, Inc. (PCG) is a leading public sector management consulting and operations improvement firm that partners with health, education, and human services agencies to improve lives. Founded in 1986 and headquartered in Boston, Massachusetts, PCG has over 2,000 professionals in more than 50 offices across North America and in Europe. The firm has five designated practice areas with extensive experience in all 50 states, clients in six Canadian provinces, and a growing practice in Europe. Often combining resources from two or more practice areas, PCG offers clients a multidisciplinary approach to solve their challenges or pursue opportunities. To learn more, visit www.publicconsultinggroup.com.
--- Functions as a consultant on security matters as a recognized expert and leads cross-functional teams in making risk-based decisions.--- Applies technical and functional security expertise to evaluate and manage business requests and small projects.--- Collaborates across multiple teams, including security, leadership, IT, business stakeholders, and vendors, to gather business requirements and evaluate solutions/risks.--- Assesses third-party vendors as part of InfoSec's Security Risk Assessment Program (e.g., Inherent and Residual Risk Scoring).--- Identifies threat/attack surfaces for all PCG infrastructure (i.e., on-prem, hybrid, cloud-only). --- Validates and aligns security solutions (e.g., Advanced Threat Protection, Intrusion Prevention, Email/Collaboration Security, Data Loss Prevention, encryption) against/with defined goals and objectives, and creates measurements of security solutions for key stakeholders.--- Prepares, maintains, and improves documentation to support compliance and regulatory efforts (e.g., Policies, Standards, Regulatory Reports).--- Manages the lifecycle of security tools, licenses, and products, including procurement and renewals,in alignment with PCG's finance team schedule. --- Bridges potential gaps between technical and non-technical resources to assist in providing clarity to requirements, risks, and communications.--- Recommends security enhancements to management.
Required Skills:--- Experience implementing and operating programs for Information/Cybersecurity or Security Risk Management.--- Working technical knowledge of security, as well as industry trends.--- Risk management expert with advanced knowledge of industry or geographic standards and regulations e.g., NIST, HIPAA, GDPR, CCPA.--- Ability to handle complex situations and make decisions and recommendations with limited data.--- 5+ years in cybersecurity and risk management space, specially working with various standards and regulations.--- Strong interpersonal, verbal, and written communication, including ability to present and influencepeers, management, and leadership across PCG and its customers.--- Solid analytical/problem solving skills with capability to identify solutions to unusual and complex problems.--- Ability to work within high-performing virtual teams with flexible hours covering footprint of PCG.--- Builds excellent relationships with key internal resources based on trust and confidence. --- Ability to get results while maintaining a service orientation. Qualifications:Education: B.S. or B.A. degree is a plus, with related discipline experience. M.B.A. or other advanced degree in business or social sciences is a plusExperience: 3+ year of experience in information security or information risk management. General operating knowledge of security for application and infrastructure, security threat/risk/data classification. Familiarity with industry standards NIST-800, HIPAA, FERPA and various security protocols, such as PKI, SSL, Encryption, Data Redacting, DLP. Familiarity with functions of Firewalls, IDS/IPS, Malware protection, EDR, ATP, Vulnerability scan, Email Security Systems, O365/M365 DLP, Data Encryption, Forensics Antivirus, SIEM (Log Analysis) a big plus.Understanding of various systems and operating systems, like MS Active Directory, MS Windows, MS Exchange, Unix/Linux OS.Certification: Information Security, Technology, Risk, and/or Management certifications are a plus #LI-AH1#D-PCG#LI-remote
Compensation for roles at Public Consulting Group varies depending on a wide array of factors including, but not limited to, the specific office location, role, skill set, and level of experience. As required by applicable law, PCG provides the following reasonable range of compensation for this role: $115,000-135,000. In addition, PCG provides a range of benefits for this role.
Public Consulting Group is an Equal Opportunity Employer dedicated to celebrating diversity and intentionally creating a culture of inclusion. We believe that we work best when our employees feel empowered and accepted, and that starts by honoring each of our unique life experiences. At PCG, all aspects of employment regarding recruitment, hiring, training, promotion, compensation, benefits, transfers, layoffs, return from layoff, company-sponsored training, education, and social and recreational programs are based on merit, business needs, job requirements, and individual qualifications. We do not discriminate on the basis of race, color, religion or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, past or present military service, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law. PCG will not tolerate discrimination or harassment based on any of these characteristics. PCG believes in health, equality, and prosperity for everyone so we can succeed in changing the ways the public sector, including health, education, technology and human services industries, work.
Keywords: Public Consulting Group, Austin , Information Security Engineer, Other , Austin, Texas
here to apply!