At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.
Unit 42 Consulting is Palo Alto Network's security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is comprised of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide an effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients’ security posture.
Consulting Director, Proactive Services is a senior/executive level consulting position. They will provide expert-level guidance on all areas of cybersecurity and cyber risk management to clients across a wide array of industries, geographies, and organizational structures. They will be the client’s advocate for cybersecurity risk management and will provide strategic and technical leadership in this area.
Assist Crypsis leadership in developing the proactive cybersecurity and risk management service offerings for clients.
Assist clients in directing their information security strategy and aligns security programs with client business priorities.
Create, enhance, review, and/or approve security policies, standards, controls, and processes as warranted by each client engagement.
Identify appropriate tool-sets and services to be implemented to identify, detect, and respond to potential threats with corresponding communication and action plans.
Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
Evaluate, manage, and adjust security personnel and staffing levels to ensure proper knowledge of the ever-changing industry landscape to defend against future threats.
Identification of risks, creation of actionable plans to protect the business, and scheduling periodic security audits.
Forecast and develop a budget, as required, for cyber-related functions in collaboration with senior leadership.
Cultivate and maintain relationships with key clientele to increase awareness of Crypsis’ capabilities and provide on-demand expertise for client needs.
Advise senior leadership and board of directors on cybersecurity risk and advocate for managing risk.
Provide hands-on, expert-level consulting services to clients. Conduct and review security program risk assessments based on cybersecurity frameworks, regulations, and industry best practices.
Amplify Crypsis’ presence and credibility in the marketplace through thought leadership, including via speaking engagements, articles, whitepapers, and media exposure.
Help advance the firm's capabilities, including by identifying new services, building partnerships, and/or ways to augment our current capabilities to better serve our clients.
Demonstrated prior experience and success in designing and implementing an organization’s cybersecurity program, organizational structures, and capabilities.
Experience as a senior-level team leader having established a security vision, strategy, and program, while anticipating future security and compliance challenges up to and including overseeing other seniors, mid-level analyst/consultant teams.
Ability to travel as needed to meet business demands (on average 30%).
Strong presentation, communication, and presentation skills with verifiable industry experience in holding a CISO or vCISO role.
Expert level of knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance. Ability to provide discovery, triage, and remediation in addition to evaluation of threats.
Technical proficiency in a wide range of cyber risk management services, including penetration testing, vulnerability assessments, and cybersecurity framework assessments, among others.
Client services mindset and top-notch client management skills. Experienced-based understanding of clients’ needs and desired outcomes in cybersecurity and risk management engagements.
Public speaking experience, demonstrated writing ability, including technical reports, business communication, and thought leadership pieces.
Operates with a hands-on approach to service delivery with a bias towards collaboration and teamwork.
Must be results-driven and strategic.
Cybersecurity industry certifications such as CISSP and/or CISM are a plus.
Bachelor’s Degree; an advanced degree such as MS, MBA, or Juris Doctorate (JD) is a plus.