Cybersecurity Consultant involved in deploying security tools and supporting compliance projects in Andorra. Working with cross - functional teams to enhance cybersecurity measures and documentation.
About the role
- Cybersecurity Auditor performing security analyses and CCRI for NexThreat. Ensuring compliance with cybersecurity regulations and providing actionable recommendations.
Responsibilities
- Independently perform complex security analyses of classified and unclassified applications, systems, and enclaves to verify compliance with security requirements.
- Conduct Command Cyber Readiness Inspections (CCRI) and comprehensive cybersecurity vulnerability evaluations.
- Apply a broad set of security techniques, technologies, and tools to assess security posture in highly complex computer systems and networks.
- Perform vulnerability and risk analyses and participate in computer security penetration studies to identify and remediate security gaps.
- Analyze and define security requirements for computer and networking systems, including mainframes, workstations, and personal computers; recommend practical solutions to meet security requirements.
- Gather, organize, and interpret technical information about an organization’s mission goals and needs; translate findings into actionable security improvements.
- Provide enterprise-wide technical analysis and direction for problem definition, analysis, and remediation of complex systems and enclaves.
- Deliver actionable recommendations and advice to client executive management on system improvements, optimization, and ongoing maintenance across areas, including Information Systems Architecture, Automation, Telecommunications, and Networking, Communication Protocols, Application Software, Electronic Email, VOIP, and Video Teleconferencing (VTC).
- Demonstrate competence across all phases of information systems auditing, from planning and scoping to evidence collection, testing, reporting, and follow-up.
- Prepare clear, concise audit reports and executive summaries with prioritized remediation plans and realistic timelines.
- Collaborate with cross-functional teams (IT, security, operations, and management) to implement and validate corrective actions.
- Stay current with evolving cybersecurity threats, controls, standards, and regulatory requirements to maintain audit readiness.
Requirements
- Must possess a DoD SECRET Clearance and be eligible for an IT-II Non-Critical Sensitive clearance or Tier 3 (T3) upon assignment
- US Citizen, no Dual Citizenship
- Seven years of IT experience.
- Five years of IA (Information Assurance) experience.
- Strong analytical and problem-solving skills for resolving security issues.
- Strong skills in implementing and configuring networks and network components.
- Command Cyber Readiness Inspection (CCRI) experience in at least one of the following areas:
- - Nessus scan analysis
- - Operating Systems (Windows, Unix)
- - Boundary defense (network policy, router, firewall)
- - Internal defense (L2/L3 switches)
- - DNS policy and DNS servers (BIND/Windows)
- - HBSS (remote console, AV, ABM, PA, HIPS, ePO)
- - Traditional security (Common, Basic, NCV, SCV)
- - Wireless communications (BES, handhelds)
- - Tenable Certified Nessus Auditor
- Knowledge and understanding of DoD security regulations and DISA Security Technical Implementation Guides (STIGs)
- Understanding of SCAP (Security Content Automation Protocol)
- Familiarity with and proficiency in:
- - Vulnerability assessment tools (e.g., VULNERATOR, Nessus, SCCM)
- - USCYBERCOM CTO Compliance Program
- - Wireless vulnerability assessment
- - Web services (IIS, Apache, Proxy)
- - Databases (SQL Server, Oracle)
- - Email services (Exchange)
- - Vulnerability scans (NESSUS, SCCM)
- - Phishing exercises
- - Container image scans
- - USB security detection
- - Physical security considerations
- Familiarity with the AUTOCHECKLIST Tool (for audit checklists and evidence collection)
Benefits
- Potential for Telework: offsite work granted in advance in writing by the COR
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Microsoft Success Manager helping partners grow secure, scalable Microsoft practices across ANZ. Championing Microsoft security solutions and supporting partner success strategies in the region.
Assistant AVP overseeing a 5 - member team for Access Management services in Pune and Mumbai, ensuring high standards of service delivery and compliance.
Own global security systems infrastructure for QVC, managing access control and networked security systems across multiple regions. Collaborate with IT to ensure security and technology initiatives meet organizational needs.
Sales Account Manager growing ADAPTIT Cybersecurity business in Greece and Cyprus. Responsible for client relations, sales pipeline, and collaboration with the cybersecurity team.
Information Security Engineer focusing on Identity & Access Management and SSO at Westfield. Design, operate, and mature enterprise authentication and federation capabilities.
Cyber Security Engineer responsible for operational support and development activities with Ping Identity. Collaborate with global teams to strengthen cybersecurity and improve customer satisfaction.
Application Security Specialist focusing on security in software development lifecycle at Insight Investment in Manchester, driving DevSecOps practices across teams.
Cyber Security Engineer supporting mission - critical DoD contract at CACI. Involves reviewing infrastructure changes and implementing security measures in a cloud - based environment.
Security Incident Management Analyst coordinating information security incidents. Overseeing cyber incident response and providing guidance to senior management within a leading industrial software company.