Senior Cybersecurity Risk and Compliance Consultant

Senior Cybersecurity Risk and Compliance Consultant

POSITION OVERVIEW

The Senior Cybersecurity Risk and Compliance Consultant is responsible for conducting Cybersecurity gap assessments and ongoing consulting with our clients daily in Huntsville, Alabama. The Senior Cybersecurity Risk and Compliance Consultant should be familiar with multiple security frameworks such as National Institute of Standards (NIST 800-171), Risk Management Framework (RMF), Cybersecurity Framework (CSF), CIS Critical Security Controls (CIS Controls), Defense Federal Acquisition Regulation Supplement (DFARS), and Cybersecurity Maturity Model Certification (CMMC). In this position, you will conduct gap assessments through interviews and asking questions to determine the state of an environment while capturing evidence and artifacts to support the assessment results and effectively measure our client’s security posture and compliance.

Primary Duties

• Conduct Cybersecurity gap assessments and provide resulting reports
• Conduct Cybersecurity consulting engagements to assist with and partner on clients’ POA&M remediation efforts
• Manage and execute project-level tasks and milestones
• Educate clients on information security and applicable control requirements
• Baseline existing risks, exposure, framework, and compliance levels
• Advise on risk mitigation and remediation plans

Required Qualifications

• Subject Matter Expert (SME) in Cybersecurity Compliance
• SOC (Security Operations Center) knowledge and understanding of services within
• Three or more (3+) years of experience in the information security field
• Experience leading information security engagements with a preference for DFARS, NIST, and CMMC assessments, as well as reporting
• Experience authoring cybersecurity policies and procedures (to include Incident response, business continuity, disaster recovery, and more)
• One (1) or more of the following: Certified CMMC Professional (CCP), Certified CMMC Assessor (CCA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent certification
• Good time management, project management and problem-solving skills
• A desire to take on roles of increasing responsibility including defining services, managing teams, and coordinating resources
• Integrity: Ethical and respectful to clients and team
• Grit: Ability to self-motivate, self-manage, and meet deadlines when faced with competing priorities
• Customer-centric: Understand that partnership with our clients is a “win-win” scenario
• Selfless: Understand that when one team member succeeds, we all succeed
• Ability to review security architecture and advise on security requirements

Supervisor Responsibilities

N/A

Knowledge, Skills, and Abilities

10 Characteristics of Every Professional at MAD Security

1. Customer Service and Satisfaction First. Understanding and satisfying our customers is the cornerstone to our success. We must do what is necessary to meet those needs.
2. Expertise is our Specialty. The very word professional implies expertise, and technical competence is essential to our service-oriented structure. We must become an expert in the skills and tools we use in our operations, we must perform to the best of our abilities, and we must keep our knowledge up to date.
3. Do and Deliver More Than Expected. Professionals are expected to produce results. We strive to complete deliverables before they are due, of higher quality than anticipated, and under budget. Professionals exceed expectations whenever possible.
4. Deliver on What We Say and What We Can Do. Professionals deliver on promises made. We engage our brain before speaking; Before we say we can do something, we make sure we can do it.
5. Communicate Effectively. Whether verbal or written, professionals communicate clearly, concisely, thoroughly, and accurately. Effective communication is ultimately our responsibility as a professional.
6. Follow Exceptional Guiding Principles. Professionals adhere to high ethical values and principles. We appreciate and support our co-workers, practice good manners and proper etiquette, are honest and fair in all our dealings, and have a high ethical and moral standard.
7. Praise Our Co-workers. Professionals are humble and generous in their praise for others. We respect and acknowledge the talents and capabilities of our co-workers.
8. Share Knowledge. Professionals help their peers and co-workers and are respected for doing so. Information isn't a limited resource; our minds won't be emptied by giving away kernels of wisdom or experience. We think of knowledge as an ocean of facts and not a stream of data. It is possible to share what we know and stay one step ahead of the competition — professionals simply apply themselves to learn something new daily.
9. Express Gratitude. Professionals thank others in a meaningful way that most benefits the recipient.
10. Maintain the Right Attitude. Professionals are pleasant even during trying times.

Location and Work Environment

Onsite in Huntsville, Alabama. While performing the duties of this Job Description, the employee regularly works in an office setting.

Physical Demands

The physical demands described herein are representative of those which must be met by an employee to perform the Primary Duties of this Job Description successfully.

Travel

Occasional travel may be required.

Other Duties

Please note this Job Description is intended to describe the general nature and level of work to be performed by the employee(s) assigned to this Job Title. It is not designed to contain nor be interpreted as a comprehensive and/or all-inclusive list of duties, responsibilities, and qualifications. MAD Security, LLC reserves the right to amend and/or change responsibilities to meet business and organizational needs, as necessary, with or without notice.

About MAD Security, LLC

MAD Security, LLC, founded in 2010, is a veteran-owned cybersecurity provider dedicated to safeguarding business and simplifying the cybersecurity challenge by delivering compliance through cost-effective, results-driven solutions. Headquartered in Huntsville, Alabama, and recognized as a Top 250 MSSP by MSSP Alert, MAD Security delivers world-class, industry-leading managed services and technology solutions regularly to defense industry-based providers including aviation and aerospace, government contractors, financial institutions, technology services providers, higher education institutions, and manufacturing to manage risk, meet compliance requirements, and reduce costs.