Cyber Security Advisory Consulting Consultant - Risk & Compliance

Aon is looking for a Cyber Security Advisory Consulting Consultant - Risk & Compliance

This Risk and Compliance service line Consultant role will be part of a cross-functional security risk team that solves problems by gathering information; identifying threats, vulnerabilities, and risks; and provides remediation assistance.

Aon's Cyber Security Advisory Consulting is client-facing management consulting function. Our Proactive Advisory teams, within this business unit, specialize in the development and implementation of customized cybersecurity solutions for clients', in fee-for-service projects to mitigate risks and prepare companies in advance of a cyber incident. Our Advisory services lines include Cybersecurity Organizational Design and Strategy; Risk and Compliance; Defense and Transformation; Resilience; Data Security and Privacy; and M&A/Private Equity.

As part of these service areas and within a shared resource model, your day-to-day contributions are focused on translating clients' cybersecurity requirements and customizing and implementing security solutions into specific guidance and insights to inform strategies, operations, and tactics.

Your delivery objective will be to identify and develop the security solutions for clients using your current knowledgebase and interpersonal skills along with our company products and technical tools to minimize security vulnerabilities and maximize the effectiveness of appropriate security controls.

These project-based initiatives can involve working at customer sites, working from an Aon office, or remote/home. Performance is typically measured by utilization (i.e., billable hours), role-based metrics, and the successful delivery of agreed solutions within budgeted hours.

The location is flexible.

Your impact as a Cyber Security Advisory Consulting Consultant

Job Responsibilities:

• Assess and investigate client IT security programs and environments via risk assessment interviews and technical information analyses
• Understand existing client processes and controls with respect to electronic and non-electronic information security
• Evaluate the risk and maturity of client cybersecurity programs by reviewing existing programs; conducting comprehensive reviews of threats or risks; evaluating and analyzing relevant data points
• Engage in cybersecurity program reviews to align with client regulatory compliance requirements and industry best-practices
• Assist with developing Information Security Plans and Policies, including those for data retention, data classification, encryption, access governance, incident response, customized to client requirements and risk profile
• Coordinate with Stroz Friedberg security specialists, incident response handlers, digital forensic experts, network engineers, system engineers and Web application engineers to explore and report on specific security risk issues in depth
• Provide recommendations on IT solutions to help clients manage information security risk
• Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models
• Document results of security risk analyses and formally present to clients
• Track emerging security practices and contribute to building internal processes

You Bring Knowledge and Expertise

Preferred Experience:

• At least 1 years of professional experience, preferably in a technology, information technology or cybersecurity focus role such as IT security audit, assessment, and/or compliance role and/or certifications that can be counted towards
• Cybersecurity Risk Assessment experience with at least two assessment frameworks (NIST CSF, NIST 800-53, NIST 800-171, CMMC, HIPAA, ISO 27001, CIS CSC 18)
• Data Protection Assessment experience with familiarity of data security posture management (DSPM) solutions (e.g., Varonis, Rubrik Laminar, Microsoft Purview), frameworks (e.g., NIST Privacy Framework) and regulatory compliance requirements (e.g., CCPA/CPRA, GDPR).
• Strong background in assessing or auditing IT Security controls. Demonstrated subject matter knowledge and the ability to successfully deliver engagements in multi-functional or diverse areas
• Excellent IT project management and time management skills. Capable of tracking and executing numerous parallel activities, work efficiently and independently with minimal supervision
• Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important
• Ability to communicate effectively, in both written and verbal formats, with senior executive-level leaders
• Self-starter with enough prior client delivery experience to be able to take workstream initiative as a stand-alone resource with one to two other team members working in parallel.
• Willingness to travel up to 25% as needed (Average is much less).

Preferred Qualifications:

• IT or Cybersecurity certifications (e.g., CompTIA A+, CompTIA Network+, CompTIA Security+, ISC2 Certified in Cybersecurity, CompTIA CASP)
• Additional cross-disciplines in Incident Response; Executive Tabletop Exercises; and/or Risk Assessments a plus.

Preferred Education:

• Bachelor's degree in computer science, information technology, or equivalent work experience. A master's degree in information security/computer science or a technology-related field preferred.

How we support our colleague:

In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two "Global Wellbeing Days" each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognize that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working!

Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued.

Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.

Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. People with criminal histories are encouraged to apply.

We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com

For positions in San Francisco and Los Angeles, we will consider for employment qualified applicants with arrest and conviction record in accordance with local Fair Chance ordinances.

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.

Pay Transparency Laws:

The salary range for this position (intended for U.S. applicants) is $78,200 to $104,200 annually. The actual salary will vary based on applicant's education, experience, skills, and abilities, as well as internal equity and alignment with market data. The salary may also be adjusted based on applicant's geographic location.

This position is eligible to participate in one of Aon's annual incentive plans to receive an annual discretionary bonus in addition to base salary. The amount of any bonus varies and is subject to the terms and conditions of the applicable incentive plan.

Aon offers a comprehensive package of benefits for full-time and regular part-time colleagues, including, but not limited to: a 401(k) savings plan with employer contributions; an employee stock purchase plan; consideration for long-term incentive awards at Aon's discretion; medical, dental and vision insurance, various types of leaves of absence, paid time off, including 12 paid holidays throughout the calendar year, 15 days of paid vacation per year, paid sick leave as provided under state and local paid sick leave laws, short-term disability and optional long-term disability, health savings account, health care and dependent care reimbursement accounts, employee and dependent life insurance and supplemental life and AD&D insurance; optional personal insurance policies, adoption assistance, tuition assistance, commuter benefits, and an employee assistance program that includes free counseling sessions. Eligibility for benefits is governed by the applicable plan documents and policies.

#LI-NS1

#LI-REMOTE