JOB RESPONSIBILITIES:

• Assist vCISOs in executing elements and projects, such as risk assessments, within a security program
• Work directly with clients to understand their operations and tailor security policies and procedures that are fit to the organization
• Serve as subject matter expert of Kobalt’s security education platform
• Design and deploy phishing tests to clients on a regular basis
• Provide compliance audit readiness support as required
• Provision, implement, and manage Vanta, or a similar GRC platform, for clients
• Troubleshoot compliance monitoring issues within Vanta, or a similar GRC platform, for clients
• Build new tools and techniques to compress human-intensive tasks into work that can be achieved in a fraction of the time
• Document best practice procedures for commonly used technologies for standardization of deployment
• Identify system misconfigurations and draw up recommendations for clients and assist where necessary
• Collaborate with team members to assist with improvements, discovery, and production of creative and insightful security use-cases
• Capture regular metrics highlighting key activities, measurable accomplishments, and blockers
• Support the design and development of Kobalt’s service offerings through insightful feedback and a positive attitude as a contributing member of our security delivery team
• Help drive improvements in our best-in-class security services through the creation of knowledge-base articles and services documentation
• Respond to and engage our customers through our ticket system, chat, email, phone, or other mediums as required
• Complete technical certifications to help gain necessary technical knowledge and support Kobalt vendor partnerships

JOB QUALIFICATIONS:

• 1-2 years’ experience in Security Technologies, Information Security, Business Resilience, Technology Risk or related fields
• Customer-first focus.
• Can work independently and with teams to identify and resolve challenges and overcome roadblocks.
• Ability to communicate effectively, both verbally and in writing, with clients and internal audiences
• Understanding of cybersecurity domains, including Security Operations (on-premises and cloud), Security Engineering, Information Risk Management, etc.
• The ability to articulate secure best practices of various aspects of information risk management in the context of people, processes and technology
• Report Writing: Emphasis on Spelling, Grammar, Word usage, and ability to write a summary that answers the Who, What, Where, When, How, and to the best of your ability,
• Strong communication skills: Be able to perform summarization and commonality detection and "connect the dots" so that a group of facts is turned into contextual information. Then take that contextual information and determine if it proves your hypothesis right or wrong.
• Ability to quickly learn and adapt security best practices to a wide variety of technologies in use by clientele