Cyber Security Specialist (Hybrid) in Tulsa at CBIZ

Date Posted: 10/1/2022

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Tulsa
  • Job Type:
  • Date Posted:
    10/1/2022

Job Description

CBIZ Stinnett Risk & Advisory Services offers consulting, outsourcing and co-sourcing services to public and private companies of all sizes by providing national caliber expertise combined with highly personalized service. As part of CBIZ, (NYSE: CBZ), the nation's eighth largest financial services provider in the country, CBIZ Stinnett Risk & Advisory Services provides internal audit, Sarbanes-Oxley compliance, cybersecurity, supply chain management, ESG and risk consulting services to leading businesses across North America.

CBIZ values its team members, and collaboration and inclusiveness are the glue that underpins our culture. Flexibility and work-life balance add to the enjoyment of coming to work every day. As a result, CBIZ has been honored to be the recipient of several national recognitions:

  • Top 101 2021 Best and Brightest Companies to Work For in the Nation
  • 2021 America's Best Mid-Size Employers
  • 2021 Best and Brightest Companies in Wellness
  • 2022 Great Place to Work Certification
  • 2022 Top Workplaces USA

As CBIZ Stinnett continues to grow our Data Privacy and Cybersecurity (DPCS) practice, we are looking for consultants that want to help our clients get better by reducing risk. We do this through a multitude of engagements, ranging from hands on implementation assistance to cybersecurity reviews and risk assessments. Stinnett utilizes industry standard frameworks and other best in class technologies to assess our clients’ environments.

The Cybersecurity Specialist will contribute to client projects and project teams to provide professional services to the firm’s clients.  Duties will include involvement in a variety of DPCS projects such as infrastructure, cloud and security tools analysis, architectural design, and risk management.  Activities will include documentation and analysis of client technical environments, -development of security policies and procedures, onsite and remote reviews of technology architecture, including operations technology systems such as SCADA/ICS and communicating findings and recommendations to clients in both writing and verbally.

This individual will demonstrate technical and professional knowledge of DPCS practices.  He or she will play an active role in developing and coaching less experienced team members, providing guidance and timely feedback. 

Job Responsibilities:

  • Perform security assessment and compliance activities using NIST, CSC and other related frameworks.
  • Perform security architecture review (SAR) to ensure design best practices and standards are met.
  • Create workpapers and reports accurately portraying client evidence.
  • Engage with client projects for a variety of clients and industries, consistently delivering quality client services within expected timeframes and on budget.
  • Work with sense of urgency and the ability to shift focus as needed throughout the day.
  • Identify, evaluate, and effectively communicate significant exposures to security risks, breakdowns in controls, and other related concerns.
  • Communicate in writing findings to both technical and non-technical audiences.
  • Successfully balance multiple projects at once, regularly communicating status and issues to Stinnett management and Principals.
  • Support the research of emerging technology, requisite security requirements, and emerging threats and develop a way-forwards to meet organizational goals.
  • Research security standards, security systems and authentication protocols, keep abreast with latest trends in the cybersecurity industry.
  • Understand effective information technology processes, including best practices and internal control approaches.
  • Interact with and effectively communicate with clients or other third parties as necessary.
  • Manage conflict with clients and/or team members in a professional, confident matter.
  • Develop relationships with team members across the firm to better serve client needs.
  • Assist the firm through participating in training, company-wide projects, and human resource initiatives. 
  • Accurately represent and record project time and expenses.
  • Travel is estimated to be less than 10-15%.

Preferred Qualifications:

  • Minimum of 3 years of hands-on experience in a technology or cybersecurity-based industry.
  • A Bachelor’s degree in a technology or business field.
  • Experience in a client facing role.
  • A relevant professional certification such as Network+, Security+, CCNP, CISSP, CISA, CISM, Microsoft MCSE, Azure, and/or other technical certifications is a must.
  • Strong knowledge of and hands on experience with various security architectures (Zero Trust Architecture) and infrastructure technologies required.
  • Hands on configuration experience with networking technologies such as: next generation firewalls, switches, routers, and wireless controllers with working knowledge of TCP/IP addressing and protocols, ACLs, routing, VLANs, segmentation.
  • Hands on experience with vulnerability scanning tools (e.g.,Qualys) a plus.
  • Functional knowledge and administrative experience with PC, server, virtualization, and storage systems.
  • Knowledgeable in technologies such as: Active Directory, Federation, Multifactor Authentication, SSO, IDS, IPS, Host Based Firewalls, WAF (Web Application Firewall), DNS, DHCP, HTTPS/TLS, SSH, SMTP, Syslog, Key Management, PKI, Tokens, SAML, OAUTH.
  • Security experience with cloud-based technologies such as Microsoft 365, Azure, AWS.
  • Understanding of cryptographic trust based systems a plus.
  • Functional knowledge of identity, authentication and authorization systems.
  • Basic understanding of database security.
  • Knowledgeable in compliance standards like: HIPAA, PCI, CCPA, Subscriber PII, GDPR preferred.
  • Experience with SIEM technologies preferred.
  • Experience with industrial control systems or IoT technologies is a plus.
  • Proficient at the secure software development life cycle and DevSecOps is a plus.
  • Coding experience preferred but not required.
  • Strong skills in Microsoft Office applications.
  • Possess integrity, principles, and work ethic.
  • Strong analytical, interpersonal, and verbal/written communication skills.

Minimum Qualifications:

  • Bachelor’s degree in relevant field
  • 3 years of relevant work experience
  • Achieve professional certifications relative to area of expertise, must have and preserve required licenses
  • Must possess analytical skills
  • Proficient use of applicable technology
  • Demonstrated ability to communicate verbally and in writing throughout all levels of organization, both internally and externally
  • Must be able to travel based on client and business needs

REASONABLE ACCOMMODATION

If you are a qualified individual with a disability you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. You can request a reasonable accommodation by calling 844-558-1414 (toll free) or send an email to accom@cbiz.com.

EQUAL OPPORTUNITY EMPLOYER

CBIZ is an affirmative action-equal opportunity employer and reviews applications for employment without regard to the applicant’s race, color, religion, national origin, ancestry, age, gender, gender identity, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. If you would like more information about your EEO rights as an applicant under the law, please visit these following pages EEO is the Law and EEO is the Law Supplement.

PAY TRANSPARENCY PROTECTION NOTIFICATION