Job Description: Security Consultant
About Bright Defense
Bright Defense is dedicated to delivering top-tier Security, Risk, and Compliance consulting services. Our commitment to excellence, participation, integrity, and collaboration sets us apart in the industry. We strive to create a dynamic and inclusive environment where innovation and teamwork drive success.
Who We Look For
We are seeking a mid-level Security Consultant with a minimum of 5 years of experience. The ideal candidate is a strong communicator and active listener, skilled at navigating diverse audiences and situations. They are self-aware, adaptable, and able to connect people, data, trends, and experiences. Our consultants are mature, humble, and genuine, consistently going above and beyond for clients and colleagues. They are ethical, trustworthy, and committed to our core values even in challenging situations. A passion for learning and technology is essential, as is the ability to inspire and excite others.
What We Do
Our Security Consultants work with clients at all organizational levels, from the C-suite to the shop floor, helping them achieve their most strategic initiatives. We deliver realistic, data-driven decisions that provide tangible value to our clients. Our consultants are known for their ability to break down complex programs and frameworks into actionable steps.
Key Responsibilities
Participate in Cybersecurity, Information Security, Risk, Compliance, and/or Data Privacy Programs or Projects under the guidance of senior consultants
Compliance framework mapping and implementation
Regulatory mapping and implementation
Advisory-side, risk, or regulatory remediation management
Readiness for new laws and regulations
Risk, Compliance, or Information Security risk reporting and monitoring
Creation of roadmaps to mature or advance Risk, Compliance, and Information Security Strategies/Programs/Controls
Design and enablement of cyber controls functions and processes
Change management related to regulatory adoption or compliance changes
Audit or certification readiness
Assist with GRC (Governance, Risk, and Compliance) related tasks and projects
Work with GRC/Cybersecurity solutions, tools, and technologies
Design or mature controls for technical areas such as Software Development, Identity and Access Management, Business Continuity and Resiliency, Cloud
Apply industry-specific regulations, laws, and standards such as SOC 2, ISO 27001, CMMC / NIST 800-171, NIST 800-53, CCPA/CPRA, HIPAA, PCI
Serve as an internal auditor on client audit preparation
Coordinate and advise clients through external audits
Continuously learn from senior consultants to develop expertise and advance within the role
Qualifications
Required:
Humble, Hungry, Smart
Demonstrated business and technology acumen
Strong written and verbal communication skills
Experience solving real business problems
Proven track record of delivering results
Experience working with and/or supporting a team
Ability to work across industries, roles, functions, and technologies
Authorization for permanent employment in the United States (this position is not eligible for immigration sponsorship)
Preferred:
Bachelor’s degree
5+ years of professional experience
Relevant cybersecurity, systems, or networking certifications: CC (Certified in Cybersecurity), CEH, CCNA, CompTIA Security+, GISF, GSEC, SSCP, ISACA Cybersecurity Fundamentals Certificate
Experience across our service offerings
#J-18808-Ljbffr
