About SecurityScorecard:

SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint. 

Headquartered in New York City, our culture has been recognized by Inc Magazine as a "Best Workplace,” by Crain’s NY as a "Best Places to Work in NYC," and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of the World’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.”  SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital.

About the Team

If you are an experienced cybersecurity practitioner who is excited by solving our Customer’s complex challenges and improving their cybersecurity resilience through innovative solutions - this role might be for you! At SecurityScorecard, our Professional Services team puts our Customers first and operates as a #oneScorecard Team. We seek to drive excellence, both in ourselves and others, and we fully leverage the SecurityScorecard platform in what we do.

About the Role

SecurityScorecard’s Senior Consultant of Advisory Services will work directly with some of our most key Customers to drive positive security outcomes, including the management of cybersecurity risk across critical infrastructure and government institutions. This role operates within our Professional Services line of business and represents the pinnacle of SecurityScorecard’s technology and expert cybersecurity guidance. You will be a senior-level member of our global consulting team and will ensure exceptional deliverables, eager responsiveness, and a solutions-focused mindset to solve complex Customer challenges. As a Senior Consultant, you will rely on your ever increasing technical knowledge and expertise, while leading or assisting in the process development, solution innovation and consultative advisory service delivery. Additionally, you will regularly work across internal functions within SecurityScorecard, including Sales, Architects and Engineering to achieve success for our Customers.

What You’ll Do:

• Develop advisory guidance, roadmaps and recommendations to assist Customers in maturing their third-party vendor risk programs
• Lead technical reviews of information security posture according to industry leading  frameworks and standards. 
• Manage vendor risk assessments of on-prem and cloud deployments, including Azure, AWS, O365 and GCP. 
• Create assessment and breach likelihood reports with recommendations on mitigation strategies, roadmaps and provide ongoing consultations on implementations.
• Conduct information security risk assessments – this includes, but is not limited to working directly with Customers to build asset inventories, identify vulnerabilities and threats, calculating risk, creating risk treatment plans, and assisting with overall implementation of security controls and measures. 
• Assist Customers to utilize SecurityScorecard products and services to meet their third-party risk management program objectives.
• Assess the maturity of cyber security programs and create strategies and roadmaps for Customer improvements.
• Evaluate Customer readiness for information security incidents and assist them in reaching the highest level of preparedness and ability to effectively react to future incidents.
• Implement information security frameworks and create sets of policies and procedures according to NIST Cybersecurity Framework, PCI DSS, HIPAA, GDPR, CCPA, and more. 
• Contribute to the advisory team by consulting with Customers on information security topics, conducting training, and documenting recommendations and providing deliverables to raise overall awareness on good cyber hygiene.

What We need you to have: 

• Bachelor's degree in relevant field
• At least 5+ years of professional information security consulting experience 
• 4-10 years of general experience in a technology discipline
• Knowledge of various cyber security methodologies, solutions and current trends.
• Knowledge of at least one of the major information security management systems such as NIST CSF, NIST SP800-53 or ISO27000.
• Hands-on experience in at least two technical cybersecurity domains such as risk management, incident response, security operations, threat intelligence, or security management. 
• Excellent written, verbal and presentation communication skills - bilingual in English and French is a plus.
• Ability to lead an informed discussion and bring clients to understand information security risks and needs.
• Strong influencing skills that promote productivity and inspire business transformation. 
• At least one certification in the following list is recommended: CEH, GSLC, GCPM, GSTRT, GCCC, GSNA, CISSP, CISM, CISA or CRISC.
• Location: Ottawa, Canada or nearby vicinity

Benefits:Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more!

SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law. 

We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact talentacquisitionoperations@securityscorecard.io.

Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. 

SecurityScorecard does not accept unsolicited resumes from employment agencies.  Please note that we do not provide immigration sponsorship for this position.   #LI-DNI