Bonadio Group, The

Senior QSA Cyber Security Consultant

US-NY-Pittsford
19 hours ago
ID
2017-1501
# of Openings
1
Category
IT Audit / Risk Management

Overview

We have a tremendous opportunity for a senior level client service professional to work as a Qualified Security Assessor in the Enterprise Risk Management (ERM) team in Rochester, NY.  This hands-on role would involve technical security assessments of applications and infrastructure, security design reviews as well as risk assessments.  A qualified applicant would have strong technical skills from the hardware to the application layer. 

Responsibilities

  • Performing mid and large IT and information security risk and compliance assessments, PCI engagements, audits, gap analyses, and remediation
  • Actively lead projects in the areas of PCI-DSS and PA-DSS

  • Communicating with project stakeholders to effectively convey requirements of technical and process improvements
  • Develop customized policies, procedures and controls, disaster recovery plans and technical documentation for applications, systems and infrastructure
  • Possess an in-depth knowledge of IT security and various frameworks (e.g., CobiT, NIST, ISO, etc.)
  • Experience in managing policy exceptions, including working directly with the teams to document exceptions, identify compensating controls and remediation action plans

Qualifications

Requirements:

  • Compliance: regulatory, privacy, international laws and statutory requirements.
  • Risk: risk frameworks, maturity models, and enterprise IT security risk methodologies.
  • Governance: vendor management, policy frameworks, control design and security design/architecture.
  • Security architecture: infrastructure, network and systems design.
  • Knowledge of and hands-on experience with PCI audits and PCI attestations.

Abilities:

  • Communicate effectively across business and technical boundaries.
  • Work independently without detailed guidance.
  • Be proficient in writing executive level reports and technical documentation.

Education and Experience:

  • Must be PCI-QSA (Qualified Security Assessor) certified or have held the certification within the last three years.
  • At least one other Security, Risk or IT certification (i.e. CobiT, CRISC, CISA, CISM, CISSP, or ISO 27001) achieved.
  • Minimum of an Associate's Degree (AS).  BS degree is a plus.
  • Minimum 4 years of experience in the Cyber Security, Information Assurance, Enterprise Risk or Compliance field.

HOURS/LOCATION:

  • This is a full-time opportunity located in Pittsford, New York.
  • Frequent travel to client locations is required.
  • Office hours are 8am - 5pm.  Our summer hours are 8:00am – 5:00pm Mon-Th; 8am – 12pm Fri.  The ability to work additional hours during peak time is critical.

The Bonadio Group is one of upstate New York’s largest, most respected and fastest growing independent CPA and Financial Services firms. We are consistently rated as a “Top 40 CPA Firm” and one of the “Best Accounting Firms to Work For” in the country! When you join The Bonadio Group, you’ll get the opportunity to work with great people and great clients and make a difference.  With our notable mentoring and training programs, you’ll be able to tackle more interesting issues; and with our local and national presence, you’ll get a chance to work with more interesting people.  Best of all, you’ll get an opportunity to work with great people, great clients, and make a difference.

 

We are an Equal Opportunity/Affirmative Action Employer
