To perform technical assessments and CIS assessments as a security consultant or security auditor, using expertise in cybersecurity and knowledge of established cybersecurity frameworks such as NIST standards and regulations such as FERPA and GLBA to identify potential vulnerabilities and weaknesses in an institution’s IT systems, networks, and applications, and provide recommendations for improving their security posture.
Travel: Up to 50%
The job accountabilities for the cybersecurity consultant who performs technical assessments and CIS assessments may include:
1. Conducting technical assessments of an institution’s IT systems, networks, and applications to identify potential vulnerabilities and weaknesses.
2. Developing and executing comprehensive test plans to assess the effectiveness of security controls and identify gaps.
3. Analyzing and interpreting data collected during assessments to provide recommendations for improving the organization’s security posture.
4. Documenting findings and recommendations in clear, concise reports and presenting them to key stakeholders.
5. Collaborating with other cybersecurity professionals, such as CISOs, penetration testers, security engineers, and incident response SMEs, to ensure a coordinated response to security incidents.
6. Providing guidance and expertise to internal teams on security best practices and industry standards.
7. Staying up-to-date with the latest security trends, vulnerabilities, and threat vectors to ensure assessments are comprehensive, effective, and practical.
8. Conducting research and testing of new security tools and techniques to improve assessment methodologies continuously.
9. Assisting in the development and implementation of security policies, procedures, and training programs.
10. Participating in ongoing risk assessments and audits to ensure that client security measures are effective and meet regulatory requirements.
- 3-5 years of experience in a cybersecurity-related role, such as a CISO, security analyst, penetration tester, or IT auditor.
- Experience conducting technical assessments of IT systems, networks, and applications to identify vulnerabilities and weaknesses.
- Experience working with industry-standard security frameworks such as CIS Controls, NIST CSF, and ISO 27001/27002.
- Experience providing recommendations for improving an organization’s security posture based on assessment findings.
- Experience presenting complex technical information to both technical and non-technical stakeholders.
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, related field, or equivalent experience.
- Professional certifications such as CISSP, CISM, CISA, or GIAC certifications may be preferred or required.
- Advanced degrees in Cybersecurity or a related field may be preferred or required for more senior positions.
- Knowledge of industry-standard security frameworks such as CIS Controls, NIST CSF, and ISO 27001/27002.
- Knowledge of common attack vectors and techniques used by cybercriminals and threat actors.
- Knowledge of network and system architecture, including cloud-based environments and virtualization technologies.
- Knowledge of regulatory requirements and compliance standards, such as FERPA, GLBA, PCI DSS and HIPAA.
- Knowledge of vulnerability assessment and penetration testing methodologies.
- Strong analytical and problem-solving skills to identify and assess potential security risks.
- Excellent written and verbal communication skills to clearly and concisely present findings and recommendations to technical and non-technical audiences.
- Strong project management skills to effectively plan and execute security assessments.
- Advanced technical skills in using specialized security tools and technologies to conduct assessments.
- Strong interpersonal skills to build relationships with internal and external stakeholders.
- Ability to work independently and manage multiple tasks and priorities effectively.
- Ability to adapt to changing technologies and threats in the cybersecurity landscape.
- Ability to work collaboratively with other cybersecurity professionals and stakeholders across the organization.
- Ability to stay up-to-date with the latest security trends, vulnerabilities, and threat vectors to ensure assessments are comprehensive, effective, and practical.
- Ability to work effectively under pressure and meet tight deadlines.
Nice to Have
- Strong understanding of OSINT methods
- Experience with Kali Linux and the tools within, such as Metasploit.
- Experience with cloud security and familiarity with cloud service providers such as AWS, Azure, and Google Cloud Platform.
- Familiarity with DevOps and agile development methodologies.
- Experience with red teaming or ethical hacking.
- Familiarity with threat modeling and risk assessment methodologies.
- Familiarity with big data analytics and machine learning for threat detection and response.
- Experience with incident response planning and execution.
- Strong presentation and public speaking skills to deliver security-related presentations and training.
- Strong leadership skills to manage and mentor junior team members.
What You Can Expect from Us
At CampusWorks, we don’t just help our clients succeed; we help our employees succeed. Competitive pay, robust benefits for full-time employees, and professional development opportunities are a few of the many reasons that CampusWorks is a great place to build your career. Our employees enjoy:
Meaningful work. Our employees often tell us that their work gives them a sense of purpose because it makes a difference in the lives of students and educators.
A CEO who cares. Chairman and CEO Liz Murphy has made it her mission to create a culture that appreciates and takes good care of its people. As a result, being an employee of CampusWorks feels like being a member of a big family.
A virtual and onsite workplace. In an effort to reduce our environmental footprint, CampusWorks became a virtual company in 2012. As such, our team members are located across the U.S. and Canada, where they work from their home offices and at client sites.
Flexibility. We value work-life balance because we know that happy employees create happy customers. That’s why CampusWorks offers both full-time and part-time 1099 consulting career opportunities to fit life’s unique demands.
A company that gives back. Every year CampusWorks proudly supports numerous charitable fundraising initiatives that align with our vision to make higher education accessible to everyone.
Founded in 1999, CampusWorks is dedicated to helping higher education overcome business and technological challenges that stand in the way of student success and completion. We work with community colleges, technical colleges, four-year public and private institutions, multi-college districts, and statewide higher education systems to tackle problems big and small. Our services are rooted in systems thinking and reach across the institution—from Student Services to Human Resources to Finance to Academics—to achieve transformative results.
AAP/EEO Statement: CampusWorks, Inc. provides equal employment opportunities (EEO) and Affirmative Actions (AA) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws.
- Address Richmond, VA, USA
- Salary Offer $50.000 ~ $100.000
- Experience Level Junior
- Total Years Experience 0-5