Optiv is looking for a Sr. Consultant – Strategy & Risk to lead the delivery of security solutions and risk management engagements for our clients. This remote role requires a consultant who can balance technical security knowledge with strong client-facing skills to improve organizational security posture and achieve compliance.
What You'll Do
- Deliver independent work or take the engagement lead for complex projects.
- Act as an engagement escalation point to assist other delivery team consultants.
- Work closely with clients to define, build, and implement security leading practices.
- Conduct risk assessments, security readiness audits, and gap analysis with compliance and regulatory frameworks.
- Assess compliance with industry standards and regulations such as NIST 800-171/53, ISO 27001, COSO, CMMC, HIPAA, and PCI.
- Assist clients in developing risk management frameworks and mitigation strategies.
- Provide third-party risk assessments to evaluate client’s supply chain and key vendors.
- Support the design and implementation of cybersecurity policies, procedures, and governance frameworks.
- Develop and refine security strategy assessments, security program plans, and POA&M.
- Translate security operational and technical risks into business implications with recommendations for stakeholders.
- Conduct workshops, stakeholder interviews, security awareness sessions, and presentations with key client stakeholders.
- Collaborate with Principal Consultants and Technical Managers to support client objectives.
- Maintain clear documentation and reporting for security findings, analysis, and recommendations.
- Stay updated on emerging cybersecurity, risk management, key technologies, and regulations.
- Contribute to thought leadership through research, whitepapers, and presentations.
- Effectively provide knowledge transfer and post-production support activities as necessary.
What We're Looking For
- Bachelor's degree and approximately 5-7 years of related work experience.
- Hold or pursue relevant certifications such as CISSP, CISM, CRISC, CCSP, CMMC CCP/CCA, or ISO 27001 Lead Implementer.
- Strong understanding of cybersecurity frameworks (NIST, ISO 27001, CMMC, CIS, PCI, HIPAA, etc.).
- Hands-on experience with security assessments, risk management, compliance assessments, policy and standards, and other related risk and compliance activities.
- Experience working in cyber resilience including Business Continuity Planning, Disaster Recovery, Business Impact Analysis, and Operational Resilience.
- Strong analytical and problem-solving skills for cybersecurity challenges.
- Excellent communication and report writing skills for client engagements.
- Ability to manage multiple projects and work independently in a fast-paced environment.
- Willingness to travel to meet client needs.
- Valid driver's license in the US.
- The successful candidate must hold related professional certifications such as the CISSP, CISM, and/or CISA.
Nice to Have
- Preference for prior consultancy role experience.
Team & Environment
You will collaborate with Principal Consultants and Technical Managers to deliver on client objectives.
Benefits & Compensation
- Professional training resources.
- Creative problem-solving and the ability to tackle unique, complex projects.
- Volunteer Opportunities through 'Optiv Chips In'.
- The ability and technology necessary to productively work remotely/from home.
Work Mode
This is a remote position open to candidates in Canada (any province except Québec).
Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.
