Senior Security Consultant - (FedRAMP)
Government Services – Senior Security Consultant
Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.
We are on a mission to make society a safer and more secure place. Our people are the ones who make that mission possible; a global community of talented individuals working together towards a safer future.
We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to help us in our mission, as a Senior Security Consultant.
NCC Group is always looking for amazing people to join our team. Government Services supports clients in meeting their legal and regulatory compliance requirements specifically related to the U.S. Government. A Senior Security Consultant (SSC) in our Government Services team must have the experience, technical skill, consulting finesse, and management skills required to deliver a broad variety of technically demanding projects. This role is for individuals with extensive security consulting experience or those who can immediately contribute at a senior level.
As a Senior Security Consultant, your role will focus on acting as a Project Lead, developing skills needed to deliver high-quality projects, and promoting the development of high performing teams through mentorship. SSCs are expected to:
- Experience with FedRAMP, StateRAMP, NIST 800-171 and NIST 800-53
- Demonstrated mastery of four (4) areas of Technical Competency, and subject matter expertise in one or more areas
- Over 2 years of experience as a Project Leader
- Authored final deliverable documentation for engagements
- Performed final review and QA on deliverables
- The ability to lead medium to large complex projects and supervise contributing resources
- Developed and delivered complex reports related to regulatory compliance
- Presented findings and recommendations to technical and executive audiences
At NCC Group we are passionate about passionate people. We are looking for an individual who thrives in an ever-changing environment; someone who can work with multiple teams to get the job done and deliver great work.
Required Candidate Attributes/Skills:
- Minimum of 5 years of experience in professional services
- Minimum of 3 years of experience in a Government Cybersecurity Consulting role
- Minimum of 2 years of experience in leading teams delivering professional services
- Minimum of 2 years of experience as a Penetration Tester (preferably as a lead)
Technical Competencies (included, but not limited to):
- Server/desktop operating systems (Windows, MacOSX, Linux, etc.)
- Office productivity tools; Word, Excel, and PowerPoint
- Data analytics; Access, MySQL, etc.
- Programming and/or scripting languages; Python, PowerShell, Linux shell scripting, etc.
- Compliance Assessment Standards
- FISMA/RMF for DoD IT
- CMMC/NIST SP 800-171
- Penetration Testing and Vulnerability Scanning of Government Systems per FedRAMP PMO/DoD Guidance, NIST SP 800-115, Cyber Essentials, OSSTM
- Physical Security Assessment to address FISMA, FedRAMP, DoD, CMMC and ISO/ISA requirements
- Risk Assessment per NIST SP 800-30 and SP 800-39
- Common Vulnerability Scoring System
- Third Party/Vendor Risk Assessment as per NIST SP 800-53 rev 5
- Security and Compliance Frameworks
- NIST FIPS, SPs, NISTIRs and other NIST publications
- ISO/IEC and ISA
Relevant Professional Certifications:
- Certificate of Cloud Auditing Knowledge (CCAK)
- GIAC Penetration Tester (GPEN)
- Licensed Penetration Tester (LPT)
- Certified Ethical Hacker (CEH)
- Certified Expert Pen Tester (CEPT)
- OSCP Certificate of Cloud Security Knowledge (CCSK)
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- High-level of professionalism, even in the midst of stressful engagements
- Outstanding attention to detail
- Ability to lead teams and multi-faceted projects effectively
- Self-motivated and a demonstrated self-starter
- Highly dependable; team player willing to perform any task necessary to help team succeed
- Excellent management skills
- Ability to work on multiple projects concurrently
- Willingness to travel >50%
About NCC Group
The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.
We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.
Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference. We treat everyone and everything with equal respect.
We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.
About your application
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.