About 10-D Security
10-D Security is a national Information Security and Compliance firm specializing in serving financial institutions for almost 20 years. Our services include IT Audits, Penetration Testing, Vulnerability Assessments, Social Engineering, BSA/AML Audits and Model Validations, and Lending and Deposit Compliance Audits, and more. We work with everyone from small institutions to large holding companies, delivering best-in-class reports in a timely manner. Our focus is risk-based, resulting in deliverables with actionable findings, and direction to speed up remediation. By not performing remediation and selling any other products or services, 10-D Security maintains an independent and unbiased approach to security and compliance, while guaranteeing our clients that our reports are on target and not slanted or tainted by other agendas. Competitive salaries and a full line of employee benefits help us attract and maintain some of the sharpest and brightest professionals in the information security industry. To ensure our staff stays current, 10-D Security supports employee growth through training reimbursement for relevant certifications and assistance with ongoing CPE obligations.
This unique position allows candidates to use their IT security experience and knowledge to help clients across the country by providing independent, objective assessments of client information security programs, cybersecurity practices, and controls. The 10-D audit program is mature, well-vetted, and follows FFIEC/GLBA guidelines along with best practices. We perform both on-site and remote audits, depending on client wishes. If travel is needed, travel time will vary depending on engagement needs; however, on-site time is typically two days during an engagement, 20-30 weeks annually.
Job duties include:
- Conduct remote and on-site IT audits including policy reviews, general controls reviews, physical security reviews.
- Social engineering and physical security testing.
- Preparing draft and final report deliverables for clients.
- Communicate and work with other members of the engagement team on other types of security assessments such as Social Engineering, Penetration Testing, and Vulnerability Assessments.
- Participate in the entire engagement delivery process, from assisting sales with technical questions, through report delivery and follow-up.
- Research and stay informed of new technology, standards, and regulations.
- Assist in the development of new processes and procedures to improve testing, auditing, and assessments.
WHAT YOU BRING:
- An understanding of information technology, preferably built through experience. The more hands-on experience, the better.
- An understanding of the importance of information security and risk management.
- Strong communications skills
- Good business acumen
HELPFUL TO HAVE:
- Senior level IT, IT Director, Information Security Officer, or IT risk management experience.
- Experience working in or for financial institutions.
- Certified Information Systems & Security Professional (CISSP) or Certified Information Security Auditor (CISA) certifications.
- A Bachelor’s degree.