Careers - MAD Security

MAD Security Careers

Come join a team of some of the brightest and most innovative security experts around!

For Employees:

MAD Security offers a very competitive compensation package that includes base salary, medical, 401k matching, bonuses (we like to reward you for your hard work), training on next generation security tools, and flexible time off.

For Trusted Partners (1099):

We are also looking for partners who can augment our skills and add depth to our team. We frequently receive requests for work that is a little out of our lane or that we can’t take on due to full bookings, and in those cases we like to work with trusted partners to create win/win scenarios.


MAD Security Career Postings:

Information Assurance/Government, Risk and Compliance (GRC) Consultant

Job Title: Information Assurance/Government, Risk and Compliance (GRC) Consultant
Job ID: 27203906
Location: Huntsville, AL
Other Location
Description

Governance, Risk & Compliance (GRC) Consultant

At MAD Security our mission is to simplify the Cybersecurity challenge and safeguard business, and we need motivated and passionate teammates.

We are seeking an extraordinary Cybersecurity Consultant for our GRC team who will work closely with our clients to deliver risk management and information security compliance consulting and best-of-breed results. You will be working side-by-side with a highly focused and motivated team to reach a higher level of excellence in order to bring the best value to our clients. You will be expected to conduct a wide array of GRC engagements for MAD Security’s diverse clients. Each engagement can range from 2-3 days to several months, with periods between engagements being utilized to update MAD Security’s methodologies and products. You must have a solid understanding of the Information Security landscape, be able to analyze clients' risk levels and identify areas of exposure, and make recommendations based upon that knowledge. This position relies heavily on sound and repeatable methodologies, while cultivating the business and technical sides of client relationships in order to generate additional avenues of opportunity for MAD Security.

Location

  • Huntsville, AL

Travel

  • Up to 50%

Essential Duties and Responsibilities

  • Conduct GRC engagements onsite and remotely, including report writing
  • Manage and execute project level tasks and milestones
  • Educate clients on information security and applicable control requirements
  • Ensure delivery meets contractual commitments and regulatory compliance (e.g. NIST, DFARS, FFIEC, ISO, CIS 20, etc.), policies and standards
  • Baseline existing risks and compliance levels
  • Advise on risk mitigation and remediation plans
  • Provide information security consulting to clients based on experience in the field and best practices
  • Ongoing evaluation and improvement of methodologies and internal processes.

Candidate Requirements

  • Knowledge and experience of Risk Management, IT Governance, and Information Security best practices, standards and frameworks such as NIST, FFIEC, ISO, PCI-DSS, CIS 20, HIPAA, etc.
  • 5+ years of experience in information security field
  • Good time management, project management and problem-solving skills
  • Security controls assessment experience
  • Experience interacting, relating and collaborating with executive-level clients
  • Bachelor's degree or Master's degree in Information Assurance, Cyber Security, Computer Science, Business Management or other related field
  • One or more of the following: CISSP, CISM, CISA, Security+, or equivalent certificate

Preferences

  • Experience with risk and security in financial institutions
  • Experience interviewing IT and non-IT staff to identify as-is processes and procedures
  • Application Security and/or Vulnerability Assessment experience
  • Penetration Testing and Social Engineering knowledge
  • GRC process and tools experience a plus
  • High level working knowledge of security solutions such as endpoint security, DLP, SIEM, etc., and what problems those solutions are designed to solve
  • Knowledge of various security technologies and leading product families
  • Ability to review the security architecture and advise on security requirements
