Overview
Sia is a next-generation, global management consulting group. Founded in 1999, we were born digital. Our Cybersecurity team is the powerhouse of our firm’s innovation. With over 350 experts worldwide, we tackle projects from proof-of-concept to large-scale deployment, pushing the boundaries of AI capabilities. By joining Sia’s Cybersecurity team, you’ll step into a vibrant, collaborative environment that nurtures professional growth and empowers you to shape the future of consulting.
Sia is an equal opportunity employer. All aspects of employment, including hiring, promotion, remuneration, or discipline, are based solely on performance, competence, conduct, or business needs.
Job Description
Key Responsibilities
- Lead and/or support cybersecurity engagements across diverse industries as part of on-site or remote project teams
- Contribute to the development of high-quality and timely deliverables that clearly communicate project findings and recommendations
- Facilitate effective meetings and communicate project outcomes and technical findings clearly to stakeholders at various levels of the client organization
- Execute industry-standard and regulatory assessments (e.g., NIST, ISO 2700x, U.S. Privacy Laws, DORA, GDPR, NYDFS Part 500, SWIFT CSCF)
- Collaborate closely with internal and client stakeholders to support effective engagement execution
- Deliver regular status updates to project stakeholders including Senior Management
- Assist in business development efforts, including client proposal creation and thought leadership
- Engage in internal initiatives and contribute to the growth of the Cybersecurity practice
Qualifications
- Bachelor’s degree required in Business Management, Finance, Computer Science, Engineering, IT, Mathematics, etc.
- Two or more years of recent client-facing management consulting experience with an emphasis on cyber-related projects, ideally covering one or more of the following topics:
  - Cybersecurity and IT Risk requirements, metrics, reporting procedures and control frameworks (NIST, ISO, CMMC, SANS, etc.)
  - Operational Resilience frameworks including policies and procedures for BCP/DR, tabletop exercises, incident response and crisis management
  - Third Party Risk Management (TPRM)
  - Penetration testing
  - Vulnerability and patch management
  - Cloud security and/or network expertise (AWS, Azure, GCP)
- Knowledge of cryptography and/or blockchain a plus
- Strong knowledge of data privacy and protection laws and regulations (e.g., EU-GDPR, CCPA/CPRA, HIPAA, GLBA, and CDPA)
- Holds or is willing to obtain within the first year one of the following certifications: CISSP, CISM, CISA, CRISC, CEH, etc.
Additional Information
Compensation & Benefits
- Competitive base salary with annual discretionary bonus
- Robust health coverage with multiple medical plans, dental and vision, life and AD&D insurance
- Tax-advantaged accounts: 401(k) with 4% matching, HSA, FSA
- Family-friendly benefits including paid parental leave
- Generous PTO and company holidays
- Perks such as monthly cell phone stipend and wellness programs
- Employee Assistance Program with confidential counseling and resources
Diversity, Equity, Inclusion & Belonging
We are committed to fostering a diverse, equitable and inclusive culture where employees and partners are valued and thrive in a sense of belonging. For more information, please visit our website.