Security jobs in United States

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Bitdefender.

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, enterprise, and government environments, Bitdefender is one of the industry’s most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence and its technology is licensed by more than 180 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in 170+ countries with offices around the world. For more information, visit https://www.bitdefender.com.

About Us:

Bitdefender is a leading cybersecurity firm dedicated to providing cutting-edge solutions to our clients. We support customers with a wide variety of technology products and services which include our security advisory service offerings, helping organizations identify and mitigate potential cyber risks through comprehensive assessments, guidance and simulation techniques.

The mission of the Cybersecurity Advisory Team is to become a trusted security advisor to our customers guiding them throughout their security journey.

Job Description:

We are seeking an experienced and passionate Cybersecurity Consultant to join Bitdefender's Cybersecurity Advisory Team, collaborating directly with our clients to deliver security advisory assignments.

The Consultant will be responsible for leading and delivering cybersecurity advisory engagements within Bitdefender worldwide. They will work hand-in-hand with a team of skilled and experienced professionals dedicated to supporting our clients manage risks to their organization.

The new team member will play a critical role in delivering high-quality services to our clients and will contribute to the growth of our services and reputation of the firm. Members of the Cybersecurity Advisory Team are familiar with most aspects of cybersecurity but specialize in defining cyber security strategies, assessing organisations against industry recognized frameworks (such as, MAS TRM, ISO 27001, SOC 2, NIST CSF, etc.), and supporting the day-to-day cybersecurity operations.

The new team member will be expected to support and work in close partnership with our Pre-Sales, Sales and Delivery Management Teams to ensure a smooth end-to-end process for our customers and the delivery of exceptional services.

Examples of projects we deliver are cybersecurity reviews, risk management, compliance readiness support, and vCISO for public and private sectors, for companies ranging from startups to large multinational enterprises in financial, technology, manufacturing, CII, and other industries.

Key Responsibilities:

1. Leadership: Show ability to independently execute complex projects while working together with the team on common tasks, fostering a collaborative and high-performing team culture.
2. Engagement Management: Lead the planning, execution, and reporting of all relevant engagements, ensuring objectives are met within scope, budget, and timeline constraints.
3. Technical Support: Demonstrate advanced knowledge and proficiency in various frameworks, methodologies and technologies. Typical projects include:
1. Acting as a virtual Chief Information Security Office or a virtual Information Security Manager for our customers providing strategic guidance and operational support.
2. Collaborating on the secure design and implementation of traditional and cloud infrastructure applying DevSecOps principles.
3. Supporting the establishment of the Secure Software Development Lifecycle, including the creation of Secure Development Lifecycle Policy and Procedures, and review of the DevOps pipeline and release processes.
4. Architecture security reviews, including cloud (e.g. AWS, GCP, Azure, AliCloud).
5. Guiding clients on the implementation of secure IT operations including Zero Trust principles.
6. Guiding clients on the secure principles in project management.
7. Defining a Security Target Operating Model.
8. Creating or reviewing Information Security Policies and Procedures, including ISMS documentation.
9. Performing risk assessments on organizations or specific assets.
10. Assessing third-party suppliers.
11. Conducting training and awareness exercises (board level or general employee awareness).
12. Performing compliance or gap analysis against industry recognized frameworks as well as bespoke assessments based on customized frameworks, including data privacy assessments.
4. Client Interaction: Interface directly with clients to understand their security objectives, communicate findings, and provide actionable recommendations for improvement.
5. Sales Support: Interface directly with the Sales and Pre-Sales Teams to support scoping of impactful and valuable solutions for our clients by understanding their security objectives.
6. Team Development: Mentor and develop team members, supporting their growth and skill enhancement in the field of information security advisory.
7. Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, regulatory frameworks, and industry best practices, integrating new techniques and tools into our services.
8. Collaboration: Collaborate with other teams within the organization, such as Sales, Delivery Management, and Research, to ensure alignment and maximize client value across our portfolio of services.
9. Quality Assurance: Maintain high standards of quality and professionalism in all deliverables across the team, adhering to the organization’s methodologies and standards.
10. Travel: Willing to travel around and within South-east Asia as required by different client engagements.

Requirements:

1. Minimum of 4 years of experience in cybersecurity or GRC (governance, risk and compliance) and client-facing consulting experience.
2. Bachelor degree in Computer Science, Information Security or any related field.
3. At least one Cybersecurity-related Certifications such as CISSP, CSSLP, CISM, ISO 27001 LA/LI, CISA, CRISC, CCSP, CCSK, CCISO, CGRC, CIRH, CEH, AWS Certified Security, AWS Certified Solutions Architect, etc.
4. Deep understanding of security frameworks, such as ISO27001, NIST CSF, NIST 800-53, PCI DSS, GDPR, PDPA, etc.
5. Solid general knowledge of IT systems, including traditional infrastructure, cloud platforms, SaaS, DevOps.
6. Knowledge of techniques and technology vendors such as ServiceNow, Jira, OneTrust, AWS, GCP etc.
7. Leadership Skills: Excellent communication, interpersonal, and conflict resolution skills.
8. Languages: Strong communication skills in English required. This includes speaking and writing, as well as presenting skills. Additional languages are considered a plus.
9. Project management: Experience of managing complex projects. PMP and ITIL certificates are considered a plus.
10. Client Focus: Strong client-facing skills, with the ability to build and maintain relationships, understand client needs, and deliver impactful solutions in a clear manner.
11. Analytical Thinking: Strong analytical and problem-solving skills, with the ability to think creatively and work independently with minimal supervision.
12. Team Player: Collaborative mindset, with the ability to work effectively in global cross-functional teams and contribute to a positive work environment whilst training and mentoring others in a leadership capacity.
13. Ethical Standard: Commitment and dedication to uphold client confidentiality and integrity in all engagements.
14. Adaptability: Ability to thrive in a fast-paced, dynamic environment, with a willingness to adapt to changing priorities and challenges.
15. Passion: Demonstrated passion for cybersecurity, evidenced by involvement in security initiatives outside of work, such as speaking at public events or mentoring programs, etc.

Why Bitdefender:

We value technical competency (and development) in our consultants and the quality of work we deliver to our clients.

Annual training budget allocated for each consultant to take up cybersecurity related courses and certifications.

Dedicated research time to ensure our consultants stay up-to-date with the latest industry trends to ensure smooth delivery of any future client engagements.

Opportunities to learn and perform a variety of security assessments beyond GRC and security advisory work, such as collaborating with the Offensive Security Team on pen testing, red teaming, adversary simulations, cloud security assessments, blockchain security and IoT testing. Opportunities to collaborate with defensive disciplines such as threat hunting are also available.

We have an awesome delivery team that will help minimize distractions and allow you, our consultant, to focus your efforts on your on-going assessments.

Work with and learn from fellow similar-minded colleagues from all around the world, including countries such as Singapore, Indonesia, Europe, United States, United Kingdom, and Romania, where Bitdefender HQ is.

• Associate

• Full-time

• Consulting
• Industries
• IT Services and IT Consulting and Software Development