Risk Consulting Director - Offensive Security

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You'll find an environment that inspires and empowers you to thrive both personally and professionally. There's no one like you and that's why there's nowhere like RSM.

The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology, and management consulting, tax, and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. USI is a member of RSM International, the sixth largest global network of independent accounting, tax, and consulting firms. RSM's vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments.

Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence.

Qualification And Minimum Entry Requirements

• Bachelor or Master degree in computer science with a minimum of 10 years in cyber security domain
• Technical background in networking / system administration, security testing or related fields
• In-depth knowledge of TCP / IP
• Good knowledge of Perl, Python, Bash, or C experience
• Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.)
• Configuration and Security experience with firewalls, switches, routers, VPNs
• Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
• Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box)
• Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.)
• Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.)
• One or more of the following testing certifications : Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc)
• In addition, one or more of the following governance certifications is preferred : Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®)
• Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client&aposs senior management
• Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices
• The standard work hours for this role are from 3 : 30 PM to 11 : 00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing.

Technical Requirements

Soft Skills Requirement

At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life's demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https : / / rsmus.com / careers / india.html.

RSM does not tolerate discrimination and / or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and / or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation.

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and / or employment / partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at [HIDDEN TEXT].

Show more

Show less