Successful candidates will have:
- Strong knowledge of information security standards and frameworks, most notably the NIST 800-53 or ISO 27001/2 set of controls and risk assessment methods (or equivalent standard).
- Basic knowledge of the overall field of IT system administration, infrastructure and networking technologies, and information security best practices.
- The skills to identify risks both quantitatively and qualitatively in various areas of technical and data security and communicate those risks appropriately and effectively to other areas of IT and the business as necessary.
The candidate should also possess excellent collaborative, communication and problem-solving skills and an ability to work with other individuals across various Bain functions to communicate complex problems or deficiencies as needed.
- Bachelor’s degree or equivalent with demonstrated interest in technology, technology issues and analysis.
- Industry-accepted security certifications (CISSP, GIAC, CISA, etc.) are not required, but are a plus.
- 1-3 years’ experience in a security role or related audit or technical function.
- Basic understanding of network-based security technologies (Firewall, IPS, IDS, SIEM, and ACL).
- Knowledge of security policies, regulations, compliance issues, processes and standards (e.g. ISO, ITIL, GDPR, COBIT, PCI, NIST, SSAE-16/18 standards).
- Proven project management skills.
- Ability to work in a fast-paced, dynamic environment.
- Attention to detail and priority/time management.
- Strong customer service, analytic, communication (oral and written) and troubleshooting/problem solving skills.
- High performance and standards as demonstrated by academic or previous job experience.
- Experience in OneTrust or similar Risk Management platforms.