CFGI is a unique and highly specialized financial consulting firm that is strategically positioned to assist the office of the CFO through a range of routine and complex business scenarios. As an extension of your corporate finance team, CFGI works alongside your internal staff, serving in a variety of roles (technical accounting advisor, M&A support, tax services, etc.) and delivering seamless support services.
Technical & Domain Experience:
● Six plus years of experience in an IT systems, network, or application architecture or engineering role with a focus on secure enterprise design.
● Three plus years of experience providing advisory services to clients: gathering requirements and design specifications, and creating solutions that are aligned with IT security strategy.
● Thorough experience with common information security controls frameworks (e.g., ISO, NIST, CIS, or CSA).
● Experience applying industry frameworks/best practice standards to identify security design gaps in existing and proposed architectures and propose changes and/or enhancements.
● Extensive knowledge and experience in securing systems and applications leveraging well-known information security frameworks and standards (e.g., NIST, CSA, CIS, OWASP, ISO 27000 series, SOC 2, etc.) as they align to well-known architecture frameworks (e.g., TOGAF, BOST, SABSA, etc.).
● Understanding of core data privacy and protection standards (e.g., PCI DSS, HIPAA/HITECH, CCPA, etc.).
● Experience delivering security architecture solutions on cloud environments (e.g., Microsoft Azure, Amazon AWS).
● Experience implementing systems or applications based on security hardening benchmark guides (e.g., CIS benchmarks or AWS best practices).
● Experience in writing enterprise-level architecture documentation and analysis.
● Experience in Network Security, Cloud Security, Application Security, Endpoint, Firewall/IPS, Web and Email security.
Process & Project Management Experience:
● Experience managing stakeholders, setting expectations, understanding and communicating the problem, driving consensus, and delivering agreed outcomes.
● Ability to identify risks associated with business processes, operations, information security programs and technology projects.
● Mentor client IT teams as needed on new deployment features, functionality, or best practices.
● Ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background.
● Strong problem-solving and troubleshooting skills.
Soft Skills:
● Ability to prioritize and multitask. Flexibility and adaptability in work approach.
● Experience managing a team of consultants.
● Self-motivated, with a high sense of urgency and personal integrity.
● Calmness and clarity of thought under pressure and ability to maintain confidentiality.
● Strong written and verbal communication skills.
● Demonstrated leader with team-oriented interpersonal skills.
● Train other staff and external clients, as necessary.
Qualifications / Certifications:
● Bachelor’s or master’s degree in Computer Science, Information Systems, Cybersecurity, or a related field; a minimum of six years of related work experience is preferable.
● Desired certifications: CISSP, CCSP, CISA, CRISC, GIAC, cloud certifications from AWS/Azure/Google Cloud.