Security Consultant

Summary

Join Infotek as a CMMC Pre-Assessment Security Consultant and help clients achieve Cybersecurity Maturity Model Certification (CMMC) readiness. You will conduct pre-assessment evaluations, identify compliance gaps, and provide actionable recommendations. Key responsibilities include report preparation, policy documentation assistance, and customer training. This role demands a CyberAB Registered Professional (RP) certification, CompTIA Security+ Certification, and a strong CMMC framework understanding. You will also contribute to maintaining Infotek's FEDRAMP (M) Ready status. The position offers a competitive compensation package and benefits.

Requirements

• CyberAB Registered Professional (RP) certification (required)
• CompTIA Security+ Certification or other leading industry certification CISM, CISSP, CASP (required)
• Strong understanding of the CMMC framework and its levels of certification
• Experience with NIST 800-171, DFARS 252.204-7012, and related compliance frameworks
• Proficiency in identifying, analyzing, and remediating cybersecurity risks
• Excellent written and verbal communication skills
• Strong organizational skills and attention to detail
• Ability to work independently and collaboratively in a team environment
• Experience working in a consulting role
• Familiarity with tools and platforms used for compliance management (e.g., eMASS, Risk Management Framework tools)
• Background in IT systems, cybersecurity, or related field
• At least three (3) years of experience in a dedicated information security role
• A minimum of five (5) years of professional experience in a related information technology role

Responsibilities

• Conduct pre-assessment evaluations of client systems against CMMC requirements
• Collaborate with clients to identify and document gaps in compliance
• Provide actionable recommendations to address deficiencies and achieve CMMC readiness
• Create and maintain comprehensive documentation, including system security plans (SSPs), plans of action and milestones (POA&Ms), and other compliance artifacts
• Stay up to date with CMMC framework updates and cybersecurity best practices
• Communicate technical findings to non-technical stakeholders effectively
• Support the preparation and submission of compliance reports as needed
• Engineer, implement and monitor security measures for the protection of computer systems, networks and information
• Identify and define system security requirements
• Assist designing computer security architecture and develop detailed designs
• Prepare and document standard operating procedures and protocols
• Configure and troubleshoot security infrastructure devices
• Assist developing and develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Facilitate rapid incident response by ensuring the company quickly gathers and understands critical details about security incidents
• Prepare detailed reports that include assessment findings, outcomes, and recommendations to enhance system security
• Stay proficient in using various security tools and appliances and perform tasks as directed by management to support the organization’s security goals
• Develop temporary or permanent security reports for customers, tailored to their specific needs and requests
• Provide incident summaries and actionable recommendations for security audits, as requested or assigned by management
• Schedule and execute regular maintenance activities to ensure optimal security operations

Preferred Qualifications

• Strong understanding of networking principles, including TCP/IP, WANs, LANs, and commonly used protocols/standards such as DHCP, DNS, SMTP, HTTP(S), SSH, 802.11, 802.1x, and NetFlow
• Proficiency with encryption standards and tools, particularly in relation to FIPS compliance
• Hands-on experience with syslog management solutions and their application in security environments
• Familiarity with a wide range of information security tools and utilities
• Expertise in working with Microsoft Windows environments, including commands and system utilities
• Solid experience implementing and maintaining network security best practices
• Knowledge of IT audit processes and procedures, including compliance evaluations

Benefits

• 100% fully paid employee only Health Coverage
• 401k plan with company match
• HSA with a company contribution
• Healthcare FSA
• Dependent Care FSA
• Generous PTO
• Holidays
• Sick time
• Two paid days to volunteer your time for a cause important to you
• Competitive pay
• Incentive compensation
• 100% company-paid employee-only health insurance
• Health Savings Account with a company contribution
• Healthcare Flexible Spending Account
• Dependent Care Flexible Spending Account
• 401K with company match
• Company provided basic life insurance
• Generous Paid Time Off
• Paid volunteer time
• Employee assistance plan