Senior Security Specialist, Business


Cybersecurity Solution Team Lead


Full-Time, Exempt

Start Date:


Travel Requirements:

Up to 50%

Position Description

The Senior Security Specialist, Business provides foundational business-focused cybersecurity solutions, including risk assessment, governance, data classification, policies, controls and procedures, awareness, vendor risk management, and incident response. Other responsibilities include leading delivery of client solutions and acting as a trusted advisor to help solve business-critical problems. This position is a critical member of a cybersecurity-focused business solution team, composed of capable and high-caliber cybersecurity professionals, and generally is expected to lead service delivery with members of this team.

This position will be joining one of the three cybersecurity-focused teams at GreyCastle Security:

  • Cybersecurity Business
  • Cybersecurity Technical
  • Cybersecurity Governance

Of the three core components of cybersecurity; people, process and technology, the Cybersecurity Business Unit focuses primarily in business-related cybersecurity activities, while also supporting the other units. The Cybersecurity Business unit primarily designs, implements and maintains cybersecurity programs.

Position Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Consult with clients in a wide range of security domains, including risk assessment, governance, data classification, policies, controls and procedures, vendor management, awareness, incident response, penetration testing and vulnerability assessment
  • Partner with Project Management to deliver communications, plans, timelines and other activities required for successful service delivery
  • Maintain proficiency in and awareness of security services, industry trends, tactics, techniques and procedures
  • Maintain proficiency with security tools, where applicable
  • Act as a definitive cybersecurity resource for clients and business partners
  • Provide leadership and initiate process improvement
  • Provide direction, as a senior resource, to members of the team
  • Act as a mentor and provide guidance to junior team members

Supervisory Responsibility

This position has no supervisory responsibilities.

Work Environment

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms.

This position requires the ability to occasionally lift office products and supplies, up to 20 pounds.

Position Type/Expected Hours of Work

This is a full-time position, and hours of work and days are Monday through Friday, 8:00 a.m. to 5 p.m.

Required Skills and Qualifications

The Senior Security Specialist role is for individuals that have mastered implementation and maintenance of cybersecurity programs and information management systems. Ultimately, the Senior Security Specialist must be able to implement, advise, and consult in the following capabilities and areas of knowledge:

  • Risk Management
  • Plan, lead and deliver cybersecurity solutions to solve business and compliance requirements
  • Advanced knowledge and experience of the cybersecurity lifecycle, including information asset inventory, risk assessment, data classification, policies, controls and procedures, awareness, vendor risk management and incident response
  • General knowledge of how technical cybersecurity contributes to the cybersecurity lifecycle
  • Risk treatment and corrective action plans
  • Produce and deliver detailed findings and recommendations in professional, accurate and digestible formats
  • Provide presentation of findings to senior-level staff and board members
  • Exceptional written and oral skills, including the ability to succinctly describe findings, make recommendations and communicate them in business terms
  • Project Management including proficiency with organization of projects, tasks, timelines and communications
  • Accountability for deliverables and agreed upon timelines

Required Education and Experience

  • CISSP, GPEN, CISM, CISA, GIAC or applicable professional-level security certifications
  • 5+ years of relevant information security experience
  • Advanced knowledge of Microsoft Word and Excel

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.