Client Facing Security Coordinator (CFSC)
Ref No.: 16-02450
Location: Chicago, Illinois
Start Date / End Date: 04/14/2016 to 11/14/2016
Location: Chicago, IL. They will need to be at the client site at least 1 time per week and as needed. The person will be able to work remotely from home the other days they aren't needed onsite. For the first week or so they may need to be on-site more frequently. Put candidate location at the top of the resume.
Travel: They may need to be able to travel to California a couple times through the contract - less than 25% of the time. Expenses will be covered by the client.
Duration: 7 months contract to perm.
Interviews: 1st will be over the phone. 2nd will be in person at the client site.
This person will be supporting 3 different end clients.
Position Overview:
  • The manager said this is NOT an Information Security Officer - that's a higher role than this request.
  • The Client Facing Security Coordinator (CFSC) has a crucial role in maintaining a secure client environment and in meeting contractual requirements.
  • The CFSC needs to be involved in all aspects of the client engagement, preferably from the design of the solution through to the implementation phases of the project.
  • The CFSC is mainly involved in overseeing information security issues in steady-state delivery of large Enterprise engagements.
  • Minimum Bachelor's Degree (Specialization in Info Security is a big plus)
  • 6+ years of proven experience in Information Security domain
  • Must have experience reporting to CISO/senior security leadership.
  • Adept at understanding the overall security/threat landscape and proposing solutions to mitigate risks from this environment.
  • Must have excellent understanding of tools and processes used for strengthening information security posture (infrastructure security devices such as IDS/IPS, FW, VPN, etc.; vulnerability scanning tools; host-based security systems; ISO 27001 controls; etc.)
  • This is a client facing role - Excellent oral, written and presentation skills in English.
  • Ability to work with virtual teams
  • Must have good understanding of IT infrastructure architecture.
  • Must be an intelligent, articulate and persuasive individual who can serve as an effective advisor to the senior client security leadership.
  • Should be able to communicate security-related concepts to a broad range of technical and non-technical staff and drive security across multiple teams
  • CISSP certification required. CISA, CISM, ISO 27001 - LA, LI, CGEIT recommended.
The CFSC's responsibilities are primarily based on the project's SOW, but are likely to include most, if not all of the following:

  • The CFSC is an operational resource, part of BAU delivery, and reports to the Security Tower.
  • The CFSC is the Point of Contact to respond to the client's security questions.
  • The CFSC coordinates security issues across the various towers and teams to find, develop and implement security processes and supportive documentation (as the client would expect).
  • The CFSC identifies potential gaps in the existing security practices compared to the client expectations for delivery of services to the client, and develops solutions to close the security gaps.
  • All such solutions have to be agreed with the Security Tower to ensure consistency across all clients.
Security Management
  • The CFSC is the central hub for all security-related issues and concerns across the various towers that exist in the Client engagement.
  • These issues and concerns, whether raised by the client or by Client, will be evaluated and handled appropriately, which involves communication between all involved parties.
  • Clear definitions of major and minor security threats for the specific solution are determined during the initial phases of the project, together with planned remediation, resulting in a project security threat matrix.
  • The CFSC is directly involved in documenting and resolving all major security events and incidents by investigating and assisting the operations teams as needed.
  • For minor events like a single infected computer, operations staff may handle the remediation of the event.
  • The CFSC maintains the reports and records of security events and makes them available to appropriate personnel (such as forensics staff) as and when required.
  • The CFSC is the direct communications link between the client's Information Security representative(s) and Client.
  • If so directed in the contract, the CFSC will notify the client's Information Security representative(s) of any emerging information security threats or trends that may impact either the services that Client is providing or the operations of the customer.
  • This may take the form of direct emails, periodic newsletters, meetings, etc.
  • The CFSC is part of the Client security tower (to ensure a standard approach) and works directly with the client's Information Security representative.
  • Contractual requirements may require adherence to specific client policies and procedures by Client or some type of alignment of policies and procedures between the two organizations.
  • The CFSC will review the client policies and procedures that are provided (initially and from time to time) and make recommendations or changes to ensure Client will fulfill these requirements within the recommended standards determined by the Security Tower.
  • This will usually involve working with the client's Information Security representative and the Client Account manager.
  • The CFSC will coordinate various information security activities within the client environment, such as vulnerability scans, access control audits and security awareness and training.
  • These activities and any deliverable reports are based on the contractual requirements and the standards determined by the Security Tower.
  • Some of these information security activities will also be a part of the client's internal security regimen.
  • It is the CFSC's responsibility to review reports from these activities as they relate to the client's environment and recommend appropriate action when needed.
  • The CFSC will work with client auditors and regulatory authorities as required.
  • As information security gaps are detected by either the CFSC, the client, auditors or the service delivery team, the CFSC will take steps to ensure that each gap is either closed (within the standards determined by the Security Tower) or, if the gap cannot be closed, then the CFSC will work with the client's Information Security representative to mitigate the risks and ensure that the client understands and acknowledges the residual risks.
  • The CFSC will develop, as needed, and distribute various security documents that are used by the service delivery team or are required by contract.
  • Examples of these documents are reports and forms such as Incident Reports and Access Control Reports as well as BeATo (Client proprietary tool) reports.
  • Some of these items may be only needed for Client internal purposes while others may be needed to fulfill a deliverable requirement.
  • The CFSC will ensure the client facing Client delivery environment is periodically assessed for risks through a formal risk assessment process followed in Client.
  • The activity and results are combined with the risk assessment activity carried out for the rest of Client operations in that location.
  • The CFSC holds periodic Review Meetings with the client's Information Security representative as part of the contract's governance processes.
  • The CFSC will inform the client of our own security assessments (BeATo results), take note of improvement or corrective actions as observed by the client, and implement them.
  • Launch Vulnerability test, Launch Compliancy test, Audit follow up, Launch internal audit (Password compliancy...), Security incident management, Security risk management (risk register follow up), Weekly meeting with Client CSO, Biweekly meeting with RMIS (security team of the Client), Weekly PMO meeting (internal), Monthly Virus summary reporting, Review of daily attack, new virus detection, correlation SEP and Trend.
  • BCP DRP review, Follow up of ongoing actions, launched, and proposal.
  • Follow up of Virus remediation action (left alone and CMS servers)
  • Assessment of new proposal or improvement and new design of security solution proposed.