Senior Security Consultant

Summary

Join Infotek as a Senior Security Consultant to lead clients in achieving CMMC readiness and maintain our FEDRAMP (M) Ready status. You will leverage your deep understanding of cybersecurity frameworks to conduct pre-assessment evaluations, develop advanced security strategies, and engineer security solutions. This role demands expertise in CMMC, NIST, and other compliance frameworks, along with strong communication and leadership skills. You will create comprehensive documentation, provide guidance to clients and internal teams, and mentor junior consultants. A CyberAB Registered Professional (RP) certification and either a CISSP, CISM, or CASP certification are required, along with extensive experience in IT security and compliance.

Requirements

• Possess expert knowledge of networking principles, including TCP/IP, WANs, LANs, and protocols such as DHCP, DNS, SMTP, HTTP(S), SSH, 802.11, and 802.1x
• Be proficient with encryption standards (FIPS), syslog management solutions, and advanced security tools
• Have extensive experience in IT audits, network security practices, and compliance frameworks, including NIST 800-171 and DFARS 252.204-7012
• Have a strong background in Microsoft Windows environments, including systems commands and utilities
• Have a minimum of seven (7) years in a dedicated information security role
• Have at least ten (10) years of experience in information technology or related fields
• Have a proven track record in leading cybersecurity initiatives, including compliance and risk management projects
• Obtain CyberAB Registered Professional (RP) certification
• Obtain CISSP, CISM, or CASP certification
• Possess an advanced understanding of the CMMC framework, cybersecurity risk analysis, and remediation strategies
• Have experience with compliance tools like eMASS and Risk Management Framework tools
• Possess excellent communication skills with the ability to convey technical findings to both technical and non-technical audiences
• Possess strong organizational skills and the ability to prioritize complex projects effectively

Responsibilities

• Lead pre-assessment evaluations of client systems, identifying gaps in compliance and developing comprehensive remediation strategies
• Design, implement, and oversee advanced security measures to safeguard computer systems, networks, and sensitive data
• Engineer solutions and design secure architectures to meet compliance and operational requirements
• Develop, document, and maintain security policies, procedures, and protocols in alignment with industry standards
• Monitor, configure, and troubleshoot security infrastructure devices to ensure continuous protection
• Create detailed security documentation, including system security plans (SSPs), plans of action and milestones (POA&Ms), and compliance artifacts
• Develop and deliver technical solutions and innovative security tools to address vulnerabilities and automate repeatable tasks
• Act as a technical advisor to clients, providing expert guidance on CMMC readiness, IT audits, and security best practices
• Facilitate incident response processes, ensuring rapid gathering and analysis of critical information for effective decision-making
• Conduct customer training on advanced security tools and compliance processes
• Stay current with updates to CMMC, NIST, and cybersecurity trends, incorporating changes into client and internal security programs
• Mentor junior consultants and support knowledge-sharing initiatives across the team

Benefits

• 100% fully paid employee-only Health Coverage
• 401k plan with company match
• HSA with a company contribution
• Healthcare FSA
• Dependent Care FSA
• Generous PTO
• Holidays
• Sick time
• Two paid days to volunteer your time for a cause important to you
• Competitive pay
• Incentive compensation
• Company provided basic life insurance
• Employee assistance plan