Security Consultant

Job Description: Security Consultant

About Bright Defense

Bright Defense is dedicated to delivering top-tier Security, Risk, and Compliance consulting services. Our commitment to excellence, participation, integrity, and collaboration sets us apart in the industry. We strive to create a dynamic and inclusive environment where innovation and teamwork drive success.

Who We Look For

We are seeking a mid-level Security Consultant with a minimum of 5 years of experience. The ideal candidate is a strong communicator and active listener, skilled at navigating diverse audiences and situations. They are self-aware, adaptable, and able to connect people, data, trends, and experiences. Our consultants are mature, humble, and genuine, consistently going above and beyond for clients and colleagues. They are ethical, trustworthy, and committed to our core values even in challenging situations. A passion for learning and technology is essential, as is the ability to inspire and excite others.

What We Do

Our Security Consultants work with clients at all organizational levels, from the C-suite to the shop floor, helping them achieve their most strategic initiatives. We deliver realistic, data-driven decisions that provide tangible value to our clients. Our consultants are known for their ability to break down complex programs and frameworks into actionable steps.

Key Responsibilities

• Participate in Cybersecurity, Information Security, Risk, Compliance, and/or Data Privacy Programs or Projects under the guidance of senior consultants
  • Compliance framework mapping and implementation
  • Regulatory mapping and implementation
  • Advisory-side, risk, or regulatory remediation management
  • Readiness for new laws and regulations
  • Risk, Compliance, or Information Security risk reporting and monitoring
  • Creation of roadmaps to mature or advance Risk, Compliance, and Information Security Strategies/Programs/Controls
  • Design and enablement of cyber controls functions and processes
  • Change management related to regulatory adoption or compliance changes
  • Audit or certification readiness
• Assist with GRC (Governance, Risk, and Compliance) related tasks and projects
• Work with GRC/Cybersecurity solutions, tools, and technologies
• Design or mature controls for technical areas such as Software Development, Identity and Access Management, Business Continuity and Resiliency, Cloud
• Apply industry-specific regulations, laws, and standards such as SOC 2, ISO 27001, CMMC / NIST 800-171, NIST 800-53, CCPA/CPRA, HIPAA, PCI
• Serve as an internal auditor on client audit preparation
• Coordinate and advise clients through external audits
• Continuously learn from senior consultants to develop expertise and advance within the role

Qualifications

Required:

• Humble, Hungry, Smart
• Demonstrated business and technology acumen
• Strong written and verbal communication skills
• Experience solving real business problems
• Proven track record of delivering results
• Experience working with and/or supporting a team
• Ability to work across industries, roles, functions, and technologies
• Authorization for permanent employment in the United States (this position is not eligible for immigration sponsorship)

Preferred:

• Bachelor’s degree
• 5+ years of professional experience
• Relevant cybersecurity, systems, or networking certifications: CC (Certified in Cybersecurity), CEH, CCNA, CompTIA Security+, GISF, GSEC, SSCP, ISACA Cybersecurity Fundamentals Certificate
• Experience across our service offerings

Additional Information

Bright Defense collects and uses Personal Information for human resources, employment, benefits administration, and business-related purposes. To comply with our regulatory obligations under the California Consumer Privacy Act (“CCPA”), we notify you of the Personal Information we collect. To access our CCPA Policy, including the categories of Personal Information we collect and the purposes for which we intend to use this information, please visit our Privacy Policy.

Bright Defense is an equal opportunity employer (EOE), and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.