Cybersecurity Consulting Principal
REDW LLC, one of the Southwest’s largest and fastest growing certified public accounting and business advisory firms, with offices in New Mexico, Arizona, Oregon, and Oklahoma, is excited to have been awarded Top Workplace 2024, 2023, 2022 and 2021 honors for both the state of Arizona and the state of New Mexico.
AZCentral and The Albuquerque Journal also recognized REDW with special Cultural Excellence awards in Compensation, Remote Work, and Formal Training categories.
As the Cybersecurity Consulting Principal, you will be responsible for defining and implementing the cybersecurity strategy for internal and external stakeholders. The principal performs and supervises a broad range of IT and cybersecurity consulting services, including assessing the IT/Security environment and general IT and Security controls of clients, and preparing and signing off on the workpaper documentation needed for the IT/Security assessments performed.
A Principal will focus their duties and responsibilities in four major areas. Those areas include:
- Client Service (Billable time)
- Business Development
- Team Development
- Operational and administrative duties as assigned.
The Principal’s other responsibilities will include the provision of exceptional services to our clients in a manner such that the client is WOWed by the experience. This includes the following:
- The service has been provided in a timely and professional manner and for a fee which is supportable and beneficial to the firm.
- Other opportunities to meet client needs have been identified and explored.
- The client service team has grown technically and taken on more responsibilities.
- The firm’s professional and business risk has been managed appropriately.
- The firm’s reporting and documentation requirements related to the provision of these services have been met.
ESSENTIAL FUNCTIONS
- Complete assessments of the IT/Security environment and general IT and Security controls for Cybersecurity clients, including preparing and signing off on documentation needed to comply with respective Governance, Risk, and Compliance standards.
- Responsible for continuing education requirements to be able to consult and provide high value services to clients.
- Independently lead delivery teams and provide thorough guidance to team members with minimal guidance from leadership.
- Understand and maintain knowledge of the client’s security environment, business operations, security needs, and risk appetite.
- Ability to translate technical materials and issues into non-technical/layman terms.
- Stay abreast of industry trends, news, and maintain a broad understanding of the security landscape to facilitate thought leadership, support, analysis, and guidance to internal and external clients.
- Ability to independently manage project teams and serve as a trusted consort for advice, providing specialized expertise to develop and implement technical solutions for complex client problems.
- Manage multiple efforts by appropriately gauging individual level of effort needed on each project based on staff, customer requirements, and similar factors to ensure properly balanced projects.
- Ensure successful project completion by developing and planning projects/tasks in collaboration with project managers, and adhering to scheduling, budgetary, quality control, risk management, and contractual obligations.
- In coordination with the REDW marketing department, expands brand awareness and market presence for cyber security services.
- Identifies new opportunities for REDW cyber security services and works closely with REDW service line leaders to secure these opportunities as new work for REDW.
- Provides continuous attention, communication, and coordination to clients.
- Builds relationships with senior level client personnel.
- Obtains client expectations from management team and strategizes a plan to meet client expectations.
- Keeps key REDW team members informed about issues and helps prepare information to be communicated to the client and documents key client discussions.
- Provides supervision, assistance and feedback to team members. Responsible for ongoing training, mentoring and development of team members.
- Provides timely information about scope changes and negotiates appropriate fee relationships.
- Coordinates with key REDW team members to achieve committed deadlines.
- Actively engage in the industries and communities that you participate in with the direct intention of developing Business Development opportunities for the firm and the department.
- Engage in activities to actively sell work the department and firm can service by participating in the preparation and submission of proposals, meeting with prospective clients, collaborating with team members throughout the firm to offer additional services to existing clients, and proactively engaging in business development activities (e.g., attending REDW sponsored events and attending, and if possible presenting at, conferences, workshops, webinars and seminars).
- Properly define the scope of the client Master Service Agreement/Statement of Work and work directly with the client service team to assure there is no scope expansion. If scope expansion occurs, assure that an appropriate discussion has occurred with the client regarding potential additional fees and delivery time impacts.
- Serve as the go-to person for all client engagement or client service team matters and decisions.
- Works closely with REDW leadership to develop a strategic plan to grow REDW’s presence for cyber security services.
- Identifies strong candidates to fill the hiring needs identified in the strategic plan and works closely with REDW leadership to recruit and secure the employment of candidates.
KNOWLEDGE AND SKILLS
- Experience with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, and encryption solutions.
- Experience conducting Information Security risk and compliance assessments, experience evaluating compliance with regulatory and key IT standards such as HIPAA/HITECH, PCI DSS, NIST CSF, ISO 27001, GDPR/CCPA, NERC CIP, and other similar standards/frameworks.
- Prefer candidates with payment card industry (PCI DSS), financial (GLBA), and/or health care (HIPAA/HITECH) experience.
- Current information security certifications such as CISM, CISA, CISSP, ISO 27001 LI (preferred).
- Working knowledge of Security Testing and Audit Platforms.
- Working knowledge of host/network common vulnerabilities and exploits, hacker methodologies and tactics, and the tools used.
- Experienced in using the Microsoft Office Suite (Word, Excel, PowerPoint).
QUALIFICATIONS
- Bachelor’s degree in Computer Science, Information Technology, or a related field. (Master’s degree preferred).
- 7-10 years in information security, with at least 5 years in a leadership role.
- Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
REDW is proud of our commitment to equal pay for equal work. Knowing our team members are multi-dimensional people, we take special consideration to value each candidate. The potential annualized pay range for this position is $208,325 - $260,411. We make compensation offers within the range based on a range of individual factors, including but not limited to location, skills, experience, training, licensure and certifications, business needs, and applicable employment laws. These factors may also be taken into consideration to offer above or below the pay range.
Sharing pay information upfront fosters an open, transparent dialogue around how we value candidates’ unique strengths. We believe talented people from all backgrounds should feel welcomed, supported and empowered to create forward-thinking solutions for our clients.
BENEFITS HIGHLIGHTS
Competitive Benefits Package - Our competitive benefits package includes Medical, Dental, Vision, HSA, FSA, Disability Insurance, Life and AD&D Insurance, Supplemental coverage, and 401(k) with employer match.
Employee Wellness - We care about overall employee wellness, offering monthly reimbursements for expenses like gym memberships, training programs, health apps and more.
Time Off - On top of PTO and paid sick time, REDW observes ten (10) paid holidays each year and offers our team members two floating holidays chosen by your department.
Exclusive Perks - Our Access Perks program helps team members maximize budgets with exclusive perks for travel, shopping, and more, offering thousands of discounts with travel and entertainment providers.
Professional Development - We pride ourselves on our entrepreneurial spirit at REDW and so are big fans of learning and development. Our customized Learning Management System (LMS), Spiirall, offers development resources, training, education credits and more for professional and personal betterment.
Remote Worker Allowance - Along with providing essential technology needs, we help equip remote team members to succeed with an annual $150 work-from-home allowance for key gear in their home-offices.
Credentialing & Licensure - Credentialing support, licensing exam bonuses and longevity awards.
As an equal opportunity employer, REDW actively fosters a diverse and inclusive workplace. We encourage all qualified candidates to apply, as we believe that diversity of perspectives and backgrounds leads to further innovation and success. At REDW, we do not tolerate any discrimination based on race, color, religion, gender, sexual orientation, national origin, age, disability or other legally protected statuses.
REDW is committed to providing reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or to participate in our recruiting process, please send us an email at [email protected].
Other details
- Pay Type: Salary
- Albuquerque, NM, USA
- Phoenix, AZ, USA