Job Description
We are looking for a Senior Consultant to work in the vCISO practice, who will support banking and financial clients on achieving SOC 2 compliance and other relevant security standards.
Logistics: 100% Remote, US
Compensation: 125-135k base + 10k bonus
Here's what you'll be doing:
- Develop, implement, and oversee comprehensive security programs tailored to client needs, ensuring compliance with SOC 2, NYDFS 500, and other relevant security standards (e.g., ISO 27001, NIST).
- Guide clients through the SOC 2 audit process, from readiness assessments to final audits, ensuring alignment with the AICPA Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, and Privacy).
- Provide expert consultation to clients on how to achieve and maintain compliance with NYDFS 500, helping them navigate the requirements for cybersecurity policies, incident response plans, and risk assessments as per the regulations.
- Lead and conduct detailed risk assessments, vulnerability assessments, and gap analyses to identify areas of non-compliance or exposure to cyber threats, providing actionable remediation strategies.
- Create, review, and update security policies, procedures, and controls aligned with industry best practices and client-specific needs. Help clients draft comprehensive security documentation for SOC 2 and NYDFS 500 audits.
- Present findings, progress, and recommendations to senior executives, board members, and other stakeholders to ensure buy-in and alignment on cybersecurity initiatives.
- Assist clients in developing long-term cybersecurity strategies to improve their security posture and meet industry standards.
- Provide training sessions and workshops for clients’ teams on SOC 2, NYDFS 500, and general information security best practices.
- Stay up to date with the latest developments in cybersecurity regulations and best practices to ensure the highest level of expertise and service for clients.
And here's what you'll need:
- Education: Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field (not required).
- Certifications: Relevant industry certifications such as CISSP, CISM, CISA, or equivalent are highly preferred. Experience with SOC 2 and NYDFS 500 requirements is a must.
- Experience:
  - Minimum 7 years of experience in information security, risk management, and compliance roles, with a focus on SOC 2 and NYDFS 500.
  - Proven track record as a vCISO or Senior Consultant, leading security programs, audits, and compliance initiatives.
  - Strong experience with risk assessments, gap analysis, security controls, and security frameworks (NIST, ISO 27001, etc.).
  - In-depth understanding of SOC 2 audit processes and NYDFS 500 regulations.
  - Strong knowledge of cybersecurity frameworks, incident response, disaster recovery, and business continuity planning.
  - Familiarity with industry tools and platforms for security monitoring and audit management.
- Excellent communication and presentation skills, with the ability to convey complex technical concepts to non-technical stakeholders.
- Strong project management and organizational skills, with the ability to handle multiple projects simultaneously.
- Ability to think strategically and guide clients through complex regulatory landscapes while aligning with business objectives.