Principal Consultant

Summary

Join Atmosera's Professional Services team as a Principal Consultant, serving as a Compliance Advisory subject matter expert. You will evaluate and enhance the security of complex systems, mentor team members, and engage in community outreach. Responsibilities include leading client engagements, developing technical content, translating GRC requirements into Azure and Microsoft 365 controls, and serving as a practice SME. The ideal candidate possesses 7+ years of experience in IT security, compliance, or risk management, along with specific knowledge of various frameworks (NIST, ISO, PCI DSS, etc.) and certifications (CISSP, CISM, CISA). Atmosera offers a competitive benefits package including health insurance, retirement plan, paid time off, and opportunities for professional development.

Requirements

• 7+ years of experience in an IT security audit, assessment, compliance, risk management, or data privacy role
• Knowledge and awareness of the latest information risk, security, and compliance innovations, trends, challenges, and solutions
• Knowledge of strategy, privacy, risk standards/frameworks, and professional practices (NIST, ISO, CIS Top 20, ISSA, CSA CMM, Privacy by Design, FAIR, etc.)
• Knowledge of the typical enterprise risk and security operational practices
• Knowledge of information security-related solutions, tools, and utilities
• Experience in strategy development, setting direction for team members, influencing both internally and externally
• Experience building common compliance frameworks as well as mapping between different compliance requirements
• Experience securing cloud-based infrastructure, including secure operating systems, firewalls, and database lockdowns
• Demonstrated breadth of security expertise in various subdomains such as encryption, identity, incident response, etc
• Knowledge of Identity Access Management design and implementation patterns
• Experience with risk assessment methodologies and risk reporting for executive leadership
• Proven background in clearly writing complex technical documents that can be presented across a varied enterprise corporate audience
• 7+ years of experience working with one or more of the following
• Payment Card Industry (PCI) Council's Payment Card Industry Data Security Standard (PCI DSS)
• ISO/IEC 27001:2022 and ISO/IEC 2702:2022
• ISO 9001:2015
• System and Organization Controls (SOC) 2
• National Institute of Standards and Technology (NIST) frameworks (800 series)
• HITRUST framework
• Health Insurance Portability and Accountability Act (HIPAA)
• Health Information Technology for Economic and Clinical Health Act (HITECH)
• Bachelor's Degree in Computer Science, Information Systems Management, Information Security, Business or equivalent experience required
• CISSP
• CISM or CISA
• In addition, depending on the framework(s) you will be supporting you must have one or more of the following
• ISO: ISO/IEC 27001 Lead Auditor/Implementer
• Certified CSF Practitioner (CCSFP)
• PCI: Qualified Security Assessor (QSA)

Responsibilities

• Work with and mentor team members to drive customer success
• Scope and lead engagements with clients. This includes leading pre-sales calls and onsite visits, understanding customer security and compliance requirements and environments, and proposing and delivering packaged offerings or custom solution engagements
• Develop technical content, such as security plans, procedures, policies, and white papers that can be used by our clients to assist them in elevating/building out their security and compliance programs
• Lead delivery engagements, including potential on-site projects, working with clients to build out compliance roadmaps, architecture guidance, gap assessments, etc
• Translate and implement industry-standard GRC requirements into Azure and Microsoft 365 controls
• Collaborate with Professional Services team members and sales teams to convey partner and customer feedback
• Serve as the practice subject matter expert (SME) for escalations, sales/marketing support, driving practice profitability and revenue
• Provide Delivery Team Support, including identifying process improvements, training Delivery personnel on methodologies/tools and quality topics, and mentoring Delivery personnel
• Development of industry-wide service line thought leadership through: Authoring: methodologies, templates, white papers, work instructions, guidelines, forms, tools
• Developing and delivering industry-specific training, including speaking/presenting at conferences, creating webinars
• Support management of client satisfaction at all phases of the client relationship
• Ensure continuous professional development by maintaining industry-specific certifications
• Maintain a strong depth of knowledge in the practice area
• Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables
• Establish account relationships and identify upsell and cross-sell opportunities and escalate to sales

Preferred Qualifications

• Azure certification(s)
• CRISC or related certification
• CCSK certification
• Big Four Advisory/Consulting Experience (Deloitte, EY, PwC, Accenture, etc.)

Benefits

• Competitive Salary: We offer competitive salaries commensurate with experience and skills
• Generous 401(k) Plan: Secure your financial future with our generous 401(k) plan, featuring a 100% company match on your contributions up to 4% of your salary! This is a fantastic opportunity to build your retirement savings with our support
• Performance-Based Compensation: Your hard work and dedication will be recognized and rewarded through our performance-based compensation program, which includes bonus potential in addition to your base salary
• 100% Employer-Paid Health, Vision, and Dental Insurance for employees: Say goodbye to expensive premiums! We cover 100% of the cost of your health, vision, and dental insurance premiums, saving you potentially thousands of dollars each year. Focus on your health, not your healthcare costs
• Company-Paid Life, AD&D, Short and Long-Term Disability Insurance: We provide company-paid life, accidental death & dismemberment, and short- and long-term disability insurance to protect you and your family
• Generous Paid Time Off (PTO): Enjoy a healthy work-life balance with three weeks of paid time off, allowing you to relax, recharge, and pursue your personal interests. This flexible PTO can be used for vacation, personal time, or sick leave
• 11 Paid Holidays: We observe 11 paid holidays throughout the year, giving you additional time to spend with family and friends
• Community Service Leave: We believe in giving back to the community and offer paid time off for you to volunteer with organizations that are meaningful to you
• Employee Recognition and Reward Program: We celebrate and reward outstanding performance and contributions through our employee recognition program. We value your dedication and are committed to showing our appreciation
• This is a full-time position in the United States with the ability to work from home, or from one of our many US offices if local