Kivu Consulting, a leading cyber security, incident response, computer forensics, and investigations firm seeking an Analyst, Digital Forensics & Incident Response. The ideal candidate will be highly organized and have 3-5 years of penetration testing, vulnerability and risk assessment, and cyber security consulting experience, and be driven to grow their existing skill set. Experience handling client/sensitive data is a significant plus as well as performing in a consultative, customer facing role.
Kivu consists of security analysts who specialize in cyber security, incident response, digital forensics and risk management services. Kivu provides cyber security solutions through a combination of technical, analytical, legal services and experience.
We are looking for a passionate Associate Director of Information Protection consulting services with strong experience in information security, technology, compliance, risk and governance who can take a leadership role in our growing cyber security consulting practice with a focus on security assessments, penetration testing, and information security consulting.
The Associate Director of Information Protection consulting will be responsible for leading a team to review and test our clients’ technical, administrative and physical controls within their information technology environment and provide guidance on mitigating the risks based upon the results.
The successful candidate must be an individual who understands business operations, information technology and security. This individual must have demonstrated leadership specific to technical information security issues with hands on experience with information security testing and consulting. The Director must have the ability to manage and develop staff. High level communication skills are essential to successfully translate technology and security requirements into business terms. Strong client service skills are necessary for interacting with various levels of internal IT staff as well as corporate leadership.
- Be involved with the sales process by working with the business development staff and clients to explain and demonstrate services and products as a subject matter expert
- Assist sales staff with the creation and delivery of proposals Maintain working knowledge of advanced cyber threat actor tactics and techniques
- Research, identify and understand new threats
- Conduct penetration tests, security audits and risk assessments with commercial, open source and self-developed tools and techniques
- Report and present findings to team and clients
- Manage, mentor and train fellow team members
- Internally educate business unit leaders, staff and executive leadership on the information protection practice
- Excel as a self-motivated individual who can work on their own as well as integrated with a team in a variety of situations
- Consistently work to improve our brand through thought leadership
- 3-5 years of consulting experience leading and performing penetration testing engagements and IT security assessments
Preferred Skills and Qualifications:
- Must possess strong verbal and written skills
- Consulting experience a must
- Experience in a number of IT disciplines may provide a solid framework for this position, but must have hands-on results from performing penetration testing, IT risk assessments, information security consulting, or IT audits are most beneficial
- GPEN, OSCP and equivalent security testing and certifications
- Familiarity and knowledge of security frameworks (NIST CSF, CIS, ISO)
- Proven experience with security tools such as Nexpose, Metasploit, Nessus, Kali Linux, etc., as well as other various commercial and self-developed tools
- Experience with scripting languages such as python, ruby, etc., as well as familiarity with programming languages such as: C/C++/ObjC/C#, Java, PHP, or .NET
- Strong knowledge of the Windows client/server architecture and familiarity with Linux/Unix
- Strong networking knowledge with a focus on security
- Team leadership and development experience required
- Project management experience highly desired
- Familiarity with incident handling techniques and processes desired
- Industry visibility through conference presentations, blogging, academic papers and social media is desired
- Business development skills a plus
The position is in Denver, Colorado and is full-time. Compensation will include an attractive base salary, incentive compensation, and full benefits including health and 401(k). Salary is commensurate with experience. Please email a resume and detailed cover letter (outlining how you fit the above requirements) to Doug Brush, Director at firstname.lastname@example.org