Vciso

VCiso Consultant

20 hrs a MONTH - 5 hrs a week- 1/2 day onsite

Dallas, TX area

Onsite only

3 month

$90.00-$100.00 hr W2

The goal of this person is to “adjust the clients Security Strategy, Architecture”. The customer is immature from a security perspective. They want some who can align & improve the current environment with industry best practices in the following core areas:
Security Culture, Risk Assessment, Compliance Evaluation, Policy and Procedure Review – GRC, IT Infrastructure Evaluation, Cloud Security, Data Security, Operational Efficiency, Endpoint Security, Identity and Access Management (IAM), Vendor and Vulnerability Management, Managed Service and Cloud Providers, Incident Response & Recoverability – Business Continuity and Disaster Recovery (BC/DR).

The Vciso must have extensive experience assessing and developing security solutions for hybrid multi-cloud environments while ensuring solutions are flexible enough to address new requirements as the client continues to grow and evolve.

• Must have 7-10 years’ experience directly with security architecture; on‑prem, Hybrid, Cloud and Hybrid Multi cloud environments.
  • Able to optimize on‑prem and multi‑cloud security for both effectiveness and cost
  • Familiarity with current trends in security especially around Cloud, SIEM, XDR and MSSP managed security services.
• Must have prior experience performing high‑level assessments of clients existing Security operations platforms and posture & identifying areas for optimization, especially around how SIEM, SOAR, and XDR services are used. {Cloud IaaS/PaaS security architecture and security monitoring posture and practice alignment to on‑prem functions}
• Must have prior experience providing multi‑year security roadmaps to inform clients, including:
  • Identify changing security needs from the landscape.
  • Identify security operations automation opportunities.
  • Address operational and security log sources and retention.
• Should have experience providing a “strategy” to achieve the desired end‑state which include cloud tenant monitoring.
• Prior experience working with security and operations teams to build the functional and non‑functional requirements for security monitoring to properly detect and respond to cyber threats on‑prem and in cloud.
• Any experience building out a RFP for MSSP and SIEM or their replacements:
  • SOAR capabilities
  • Operational log retention
  • Forecast MSSP capacity requirements
  • Platform selection criteria
  • Multi cloud monitoring
• Must be able to work effectively at all levels of an organization with the ability to influence others to move toward consensus
• Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
• TOGAF certification is an asset.
• GIAC, CISSP, CISA and/or CISM or other cybersecurity designations are an asset.