WHO WE ARE
Secure. Comply. Elevate - Your Trusted Cyber Security and AI Risk Management Partner. Elevate addresses auditing needs by offering expert Governance, Risk, and Compliance services tailored to the complexities of cybersecurity and AI compliance. Leveraging a team of seasoned multi-disciplinary professionals, we provide high-quality, trustworthy solutions that efficiently navigate the intricacies of regulatory changes and technological advancements. Our approach focuses on delivering comprehensive cyber and AI audits and adaptable strategies, ensuring organizations remain compliant and secure without unnecessary expenditure of time and resources. With Elevate, clients gain a reliable partner dedicated to solving their cybersecurity and AI governance challenges effectively and efficiently.
We value exceptional client service, solving and coaching our clients through complex and critical transformations and providing effective communication (both verbal & written).
ABOUT THE POSITION
Elevate is looking for an experienced Audit and Cyber Security Senior Consultant (“Senior Consultant”) who possesses a broad skillset, demonstrating excellent communication and presentations skills, analytical thinking, and a desire for learning and working with clients.
You will work closely with clients to conduct information security assessments, IT audits and IT security and advisory projects. Also someone that wants to put the time in learning about AI risk management and governance would be ideal candidate as well. You will play a pivotal role in our organization’s efforts to enhance clients’ cybersecurity resilience and compliance. Additionally, your role will involve guiding and mentoring junior consultants while actively participating in the development of our cybersecurity practice.
RESPONSIBILITIES:
- Demonstrate professional client management skills by building and maintaining strong relationships with clients.
- Communicate findings, recommendations, think creatively and drive project progress effectively.
- Conduct comprehensive cybersecurity audits and risk assessments by evaluating information security policies, procedures, and controls.
- Utilize industry and security knowledge to help clients identify vulnerabilities, weaknesses, gaps in controls and potential threats in order to translate into language understandable to the client and actionable for remediation.
- Participate in strategic cybersecurity planning by collaborating with clients to refine cybersecurity strategies and implement governance and compliance frameworks.
- Assist clients in establishing cybersecurity roadmaps and long-term security goals.
- Experience working with internal audit, risk and IT departments and performing readiness assessments or audits of business and IT functions.
- Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions.
- Conduct specialized IT frameworks audits and assessments (e.g. ISO 27001, HITRUST, HIPAA, NIST etc.)
- Build and nurture positive working relationships with clients and coworkers, by providing high quality deliverables and communications.
- Appropriate reporting of action items, roadblocks, and other tasks during projects to managers and clients.
- Play a substantive role with project management by supporting engagement planning, providing regular status reports for the client, while collaborating with junior staff.
- Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements.
- Other tasks and duties as assigned.
QUALIFICATIONS:
- Bachelor's degree (in Management Information Systems, Information Technology, Computer Science, Accounting, Business Administration).
- 4-5+ years of relevant work experience, with industry focus a plus.
- Prior consulting experience in cybersecurity, risk management, IT audit, and/or other applicable fields. Minimum 3 years in consulting with multiple clients.
- Demonstrated experience in one or more areas of cybersecurity such as network security, identity and access management, threat intelligence, cloud security, GRC.
- Demonstrated ability to manage multiple projects simultaneously and experience scoping, planning, and executing projects autonomously.
- Strong experience with regulatory and compliance standards (e.g., NIST, ISO 27001/2/17/18/ 27701, SOC 1, SOC 2, SOX, HITRUST, HIPAA, PCI etc.)
- Ability to travel up to 10-15%, based on the work you do and the clients and industries/sectors you serve. However, this is a remote position, so travel is very limited.
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Preferred:
- “Big 4” consulting experience in various industries.
- Ability to state complex issues simply.
- Strong communication skills, both written and verbal.
- Experience with working in an ambiguous environment.
- Certification as CISSP, CCSK, CISA, CISM, and/or CPA preferred.
TRAVEL REQUIREMENTS:
This is a flexible/remote position that does not require much travel. May require attendance at firm-wide events (annual/semi-annual).
OUR MISSION
We are here to Elevate cybersecurity and internal controls while safeguarding our clients' profits and reputations.
OUR GOAL
Provide valuable, timely, and quality service to our clients that simplifies complicated challenges, provides intelligent insight, and allows them to make better decisions.
OUR CORE VALUES
- Accountable and Dedicated: Gets work done on time with a customer service mindset.
- Adaptable and Resourceful: Self-managing and self-directing, takes ownership.
- "Gets it done" Attitude: Delivers the highest quality work.
- Humble and Relatable: Exhibits quiet confidence and a desire to help.
- Integrity: Does the right thing, even when no one is watching.