Sr Cyber Risk Consultant

WHO WE ARE Balbix is the world's leading platform for cybersecurity posture automation company. The Balbix Security Cloud uses AI and automation to reinvent how the World's leading organizations reduce their cyber risk. With Balbix, security teams can accurately inventory their cloud and on-prem assests, conduct vulnerability management and quantify their cyber risk in monetary terms.

Balbix counts many global 1000 companies among its rapidly growing customer base. We are backed by John Chambers (the former CEO and Chairman of Cisco), top Silicon Valley VCs and global investors. We have been called magical, and have received raving reviews as well as customer testimonials, numerous industry awards, and recognition by Gartner as a Cool Vendor, and by Frost & Sullivan.

About this role:

The Sr CYBER RISK CONSULTANT is a key Trusted Technical Advisor role, acting as a pivot between Customers / Partners, Balbix Engineering, Product Management & Marketing. In this role you will be working with the largest Balbix customers / partners to first deeply understand their IT and cyber architecture, processes, current solutions and gaps, and then determine how Balbix can help advance their Cyber Risk Management program, to enable continuous visibility into cyber risk posture, risk-based prioritization and remediation, as well as process and workflow automation, to effectively & efficiently reduce business risk. You will also act as an SME consultant for at least one cyber domain, collect customer requirements, work with Product Management and Marketing to translate them into product development roadmaps and with Engineering to identify best solutions for implementation. This role requires a consultative approach, customer advocacy attitude, doubled by advanced security solutions architecture knowledge, and hands-on experience.

You Will:

• Work with customers to understand their cyber architecture, tools, processes and gaps
• Design solutions to connect / integrate Balbix into customers’ existing cyber architectures
• Understand complex business problems and creatively architect solutions to address them
• Help customers architect an up-to-date, unified and comprehensive CAASM solution
• Design the RBVM practice, automating data collection, risk prioritization and remediation
• Integrate CRQ into RBVM, helping organizations unify, quantify and normalize cyber risk
• Help organizations effectively communicate cyber risk at technical and business levels
• Consult on customer / partner onboarding, Balbix configuration and integration workshops
• Educate customers / partners on the entire Balbix Platform, solutions and capabilities
• Help customers adopt the Balbix Platform and harvest all its AI-powered capabilities
• Champion at least one cyber domain, and provide thought-leadership as the SME>
• Dissimulate best practices internally and externally via blogs, webinars, workshops
• Proudly and confidently represent Balbix at various industry and partner events
• Act as a point of escalation for the Customer Success team and top Balbix customers
• Razor focus on Customer Satisfaction, identify objectives and track metrics / KPIs

You Have:

• BS / MS degree in Computer Science / IT / Cyber and a strong SaaS background
• 7+ years of experience working in customer-facing technical roles in cybersecurity
• 3+ years of hands-on experience in cyber, especially with RBVM, Compliance, CRQ
• Ability to understand and solve complex problems and clearly articulate solutions
• Experienced engaging with both operational and senior management stakeholders
• Experienced building & operating RBVM, CRQ programs, defining and tracking key metrics
• Breadth and depth of knowledge on threat landscape, attack techniques, risk modeling
• Familiarity and hands-on experience with key industry vendors in various tech domains
• Strong Networking – TCP/IP, R&S, L2/L3/L4+ tech., design, troubleshooting & ops
• Strong OS – Windows, Linux, MAC, Hypervisors – admin, architecture, troubleshooting
• Strong Cloud – AWS, Azure, GCP – securing I/P/S-aaS – CNAPP, CSPM, CWP, IaC, KCS
• Strong Security – FW/IPS, EDR/EPP, SIEM/XDR, CAASM, AppSec, RBVM, CRQ, Patching

Requirements:

• Experienced working for / with Big4 Consulting firms’ methodologies is a significant plus
• Experienced in MSSP service creation / development, from tech architecture to joint GTMs
• Experienced in building and running internal and external technical enablement programs
• Experienced speaking at large events as a tech evangelist, projecting thought-leadership
• SOC – Security Operations, IR, Threat Hunting, Malware and Forensic Analysis
• DevSecOps – CI/CD workflows, shift-left strategies, security scanning & tooling
• Container Security – Docker framework, Orchestration, scanning and reporting
• AppSec – Experienced in AppSec DevSecOps, scanning for OWASP top 10, controls
• Good understanding of GRC strategies and tools, Threat Intelligence, SIEMs, XDR
• Relevant industry certifications: CISSP, CEH, CCNP, Public Cloud (architect level)