Guidehouse

ACTIVE and CURRENT Top Secret (TS) or Secret federal security clearance with the ability to obtain TS clearance.. Minimum three years of conducting cybersecurity risk assessments or penetration testing experience.. One of the following certifications: CISSP, CISM, Security+, Offensive Security Certified Professional (OSCP) or GIAC Penetration Tester (GPEN) or Certified Ethical Hacker (CEH) Certification.. Minimum five years of planning and leading teams conducting cybersecurity risk assessments and penetration testing activities.. Certified CISA AES HVA Assessment Lead with experience conducting HVA assessments or performing Risk and Vulnerability Assessments.

lead senior consultant

<div>Job Family: Cyber Consulting Travel Required: Up to 10% Clearance Required: Active Secret <ul><li>This requisition has been posted for the purpose of pipelining building relationships with qualified candidates in order to potentially hire them into future openings within Guidehouse's Cyber team.</li><li>The Cyber team is currently proactively gathering and engaging candidates of interest and will then be able to match them with positions that become available in the future.</li></ul> What You Will Do: In this role, you will be accountable for the activities of an Assessment Team and lead the planning and execution of High Value Asset (HVA) Cybersecurity Assessments on the federal government's most critical systems across federal civilian agencies. You will participate in and lead the planning, scheduling, and execution of HVA assessments which include penetration testing services using a variety of tactics, techniques, and procedures to identify exploitable vulnerabilities in networks and systems while also measuring compliance with organizational security policies, testing whether staff are aware of security issues, and ultimately determining the organization's risk to cybersecurity threats. You will author and deliver a comprehensive report detailing the assessment methodology, identified risks, and provide risk-based recommendations for remediating the risks. <ul><li>Serve as the Assessment Lead and/or Technical Lead and responsible for overall assessment planning, execution, and guidance of technical and pen testing operator team members.</li><li>Function as the lead author developing executive-focused Assessment Report sections and describing the impact of identified risks and recommending risk remediation solutions.</li><li>Develop current state security architecture diagrams.</li><li>Drive the communication with senior executives and stakeholders on assessment requirements and expectations.</li><li>Lead technical discussions on system security architecture reviews with system stakeholders to understand existing and potential cybersecurity risks to the system and learn how the risks are identified, evaluated, and managed.</li><li>Coordinate the development of Rules of Engagement documentation to guide the pen testing scoping and planning exercises, develop test plan, and assist with obtaining management approval. </li><li>Lead and collaborate with Technical Leads and Penetration Team Operators to determine the appropriate scoping and approach for conducting pen testing activities, obtaining, and using the required pen testing tools, and confirming pen testing logistics including location for performing the activities and assigning a formal team of operators.</li><li>Participate in analyze test results, developing assessment and/or pen testing report that discovered vulnerabilities, and provide risk-based recommendations to remediate those vulnerabilities.</li><li>Assume responsibility for confirming all deliverables are completed on time and meet expected quality standards.</li></ul> What You Will Need: <ul><li>Bachelor's degree.</li><li>ACTIVE and CURRENT Top Secret (TS) or Secret federal security clearance with the ability to obtain TS clearance.</li><li>Minimum three years of conducting cybersecurity risk assessments or penetration testing experience.</li><li>One of the following certifications: CISSP, CISM, Security+, Offensive Security Certified Professional (OSCP) or GIAC Penetration Tester (GPEN) or Certified Ethical Hacker (CEH) Certification.</li><li>Excellent oral and written communication and presentation skills.</li><li>Communicates effectively and demonstrates leadership role with clients and fellow team members.</li><li>Experience managing direct client engagement team to deliver impactful support to federal clients.</li></ul> What Would Be Nice To Have: <ul><li>Minimum five years of planning and leading teams conducting cybersecurity risk assessments and penetration testing activities.</li><li>Experience supporting US government cybersecurity programs.</li><li>Experience leading engagement teams and serving as the main point of contact for the client.</li><li>Experience with managing/supporting and/or knowledge of cybersecurity or CISA High Value Asset (HVA) program, and Security Architecture Review.</li><li>PMP certification.</li><li>Certified CISA AES HVA Assessment Lead with experience conducting HVA assessments or performing Risk and Vulnerability Assessments.</li><li>Knowledge of NIST Cybersecurity Framework, Risk Management, NIST 800-83 Rev 5.</li><li>Experience and knowledge of pen testing best practices and tools.</li></ul> What We Offer: Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace. Benefits include: <ul><li>Medical, Rx, Dental & Vision Insurance</li><li>Personal and Family Sick Time & Company Paid Holidays</li><li>Position may be eligible for a discretionary variable incentive bonus</li><li>Parental Leave and Adoption Assistance</li><li>401(k) Retirement Plan</li><li>Basic Life & Supplemental Life</li><li>Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts</li><li>Short-Term & Long-Term Disability</li><li>Student Loan PayDown</li><li>Tuition Reimbursement, Personal Development & Learning Opportunities</li><li>Skills Development & Certifications</li><li>Employee Referral Program</li><li>Corporate Sponsored Events & Community Outreach</li><li>Emergency Back-Up Childcare Program</li><li>Mobility Stipend</li></ul> About Guidehouse Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco. If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at [redacted] or via email at RecruitingA[redacted]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation. Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.</div>

START NEW SEARCH