Principal Security Consultant- Security Solutions

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

The Principal Security Consultant- Security Solutions will develop strategies to identify and address cyber risk posture, as well as align metric driven models for the clients to measure and prioritize initiatives.  This individual will collaborate across GuidePoint sales and service teams and provide thought leadership for customers, partners, and internal partners.

Role and Responsibilities: 

• Provide pre-sales support for the GuidePoint Security Information Assurance services portfolio.
• Accurately report opportunities and forecast for service-related engagements.
• Grow revenue and gross profit by increasing the number of customers and depth of engagement with existing clients.
• Enable field sellers to engage more strategically with their customers by improving their knowledge regarding Information Assurance’s services and value message.
• Support partners and sales representative with existing customers and sales campaigns and develop additional services and programs that can be leveraged across the company.
• Develop strategic engagement model to enable delivery of key Information Assurance and GRC professional services.
• Contribute to comprehensive assessment deliverables that are proficiently tailored to managerial and executive audiences and fully detail the technical execution, core deficiencies, business impact, and the proposed remediation strategies.
• Define and develop security governance, risk, and compliance programs for clients that drive transformation.
• Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront on the information security industry.
• Understand and articulate complex technical information to both technical and non-technical audiences.
• Ability to autonomously prioritize and successfully deliver across a portfolio of projects in a fast-paced environment.
• Work from remote/virtual when not visiting client locations.
• Travel up to 25% may be required to support clients.
• Expectations for this role is 80% Presales and 20% delivery.
• Serve as our Clients’ primary technical point of contact throughout a project life cycle.
• Perform other duties as assigned.

Experience and Education:

• 10+ years program leadership.
• Minimum of 7 years of combined GRC experience across consulting and private/public sector.
• Minimum 7 years direct cyber risk management experience within multiple verticals to include financial and healthcare.
• Experience leading strategic planning and workshops with Executive teams
• Consulting experience required.
• Strong understanding and working knowledge of security frameworks including, NIST CSF, CIS, ISO 27K, and others.
• Strong understanding and working knowledge of risk management frameworks including NIST, ISO, COBIT, COSO, and others. Strong understanding and working knowledge of risk management frameworks including NIST, ISO, COBIT, COSO, and others.
• Strong demonstrated experience in assessing, developing, and implementing cybersecurity risk management programs that integrate with Enterprise Risk Management within an organization.
• Strong understanding of all the functions within a security program, the ability to assess the maturity of a security program, and how to provide strategic recommendations and direction to senior leadership.
• Strong understanding and working knowledge of various risk assessment methodologies, using both qualitative and quantitative risk analysis.
• Strong demonstrated experience with assessing, developing, and implementing data governance and protection programs, including conducting data discovery of data flows and inventories and evaluate the security and privacy controls that protect an organization’s sensitive data.
• Prior experience in a client facing consultative role.
• Prior experience in a client facing Presales and consultative role.
• Previous sales experience is required.
• Experience engaging with external regulatory agencies auditing cyber risk programs, including OCC, HHS-OCR and other Federal agencies, and international authorities.
• Strong understanding of all the functions within a security program, the ability to assess the maturity of a security program, and how to provide strategic recommendations and direction to senior leadership.
• Strong demonstrated experience leading the transformation and maturation of a security program within large organizations.
• Extensive experience developing information security documentation for organizations and mapping requirements to various compliance and security best practice frameworks.
• Strong written and oral communication, which includes articulating thoughts and distilling complex problems into digestible information to be consumed by anyone from technical resources to the highest level of management; proven experience communicating clearly to technical levels up through C-Level and Board level.
• Strong written communication skills to aid in the creation of customer deliverables.
• Ability to provide presales support for Governance and Risk opportunities.
• Ability to contribute to practice and offering development.
• Remain current on industry developments and incorporate into service delivery
• Strong ability to work independently and multi-task on multiple projects simultaneously.
• Publish content and/or perform conference speaking to demonstrate thought leadership
• Personal drive and passion for growing themselves and the Practice.
• Standard industry certifications are preferred, such as CISSP, CISA, CISM, CRISC, CBCP, GIAC, etc.
• Conference speaking experience is preferred. 

Why GuidePoint?

GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 700 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 3,000 Enterprise-Level customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.  

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• 100% employer-paid medical and dental premiums with generous employer family contributions
• 11 corporate holidays in 2022 (12 in 2023) and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Care plan