Senior IT Security Consultant

CREO is seeking a full-time senior IT Security Consultant with exceptional customer service skills to help our clients assess, design and build effective security programs. The successful candidate will possess strong communication skills and deep experience in security governance, security risk management, security operations, and/or cyber incident response programs.


  • Provide consulting and guidance on building and/or maturing information security programs and the implementation of tools and technologies used for enterprise security

  • Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects

  • Implement and/or assess enterprise IT security controls

  • Provide knowledge and guidance on tools and technologies used for enterprise security


  • Bachelor’s degree in information security, information technology or related technical discipline

  • Minimum 10 years overall IT experience with 5+ years of professional information security experience

  • Demonstrated experience implementing successful enterprise information security programs

  • Strong understanding and experience implementing one or more security frameworks, such as NIST 800-53, NIST RMF/CSF, ISO 27001, HIPAA/HITECH, HITRUST, CIS, COBIT, or PCI DSS

  • Strong understanding of and experience with security- and privacy-related regulatory compliance, such as FISMA, HIPAA/HITECH, GDPR, and EU-US Privacy Shield

  • Advanced understanding of networking, including TCP/IP protocols and network topology

  • Strong understanding of security controls for common platforms and devices, including Windows, Linux and network equipment

  • Knowledge and experience with tools used in penetration testing, security event analysis, incident response, computer forensics, malware analysis or other areas of security operations

  • Demonstrated understanding of drawing out customer needs and delivering practical outcomes addressing those needs


  • Certification in at least one of the following: CISSP, CCSP, CISA, CISM, HITRUST Practitioner, HCISPP, ISO 27001 Lead Implementer, CEH, FITSP

  • Experience with computer systems validation (CSV) and 21CFR11 compliance

  • Experience supporting U.S. federal government security compliance (FISMA)

Interested? Start the conversation.
