Find your next cybersecurity opportunity


Associate Security Consultant - (FedRAMP)

NCC Group

NCC Group

United States · Remote
Posted on Saturday, March 23, 2024

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that mission possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to help us in our mission, as an Associate Security Consultant for Government Services.

The Opportunity:

NCC Group is always looking for amazing people to join our team. Government Services supports clients in meeting their legal and regulatory compliance requirements specifically related to the U.S. Government. This role is for individuals with a few years of security consulting experience or those who can immediately contribute at an associate level.

The Challenge:

We are looking for people with:

  • Experience with FedRAMP, StateRAMP, NIST 800-171 and NIST 800-53
  • Demonstrated experience of four (4) areas of Technical Competency, and subject matter expertise in one or more areas
  • Authored or assisted with final deliverable documentation for engagements
  • Performed final review and QA on deliverables
  • The ability to assist with medium to large complex projects and supervise contributing resources
  • Developed and delivered complex reports related to regulatory compliance
  • Presented findings and recommendations to technical and executive audiences

Essential Skills:

At NCC Group we are passionate about passionate people. We are looking for an individual who thrives in an ever-changing environment; someone who can work with multiple teams to get the job done and deliver great work.

Required Candidate Attributes/Skills:

  • Minimum of 2 years of experience in professional services
  • Minimum of 2 years of experience in a Government Services

Technical Competencies (included, but not limited to):

  • Server/desktop operating systems (Windows, MacOSX, Linux, etc.)
  • Office productivity tools; Word, Excel, and PowerPoint
  • Data analytics; Access, MySQL, etc.
  • Programming and/or scripting languages; Python, PowerShell, Linux shell scripting, etc.
  • Compliance Assessment Standards
  • FISMA/RMF for DoD IT
  • FedRAMP
  • CMMC/NIST SP 800-171
  • Penetration Testing and Vulnerability Scanning of Government Systems per FedRAMP PMO/DoD Guidance, NIST SP 800-115, Cyber Essentials, OSSTM
  • Physical Security Assessment to address FISMA, FedRAMP, DoD, CMMC and ISO/ISA requirements
  • Risk Assessment per NIST SP 800-30 and SP 800-39
  • Common Vulnerability Scoring System
  • Third Party/Vendor Risk Assessment as per NIST SP 800-53 rev 5
  • Security and Compliance Frameworks
  • NIST FIPS, SPs, NISTIRs and other NIST publications
  • ISO/IEC and ISA

Relevant Professional Certifications:

  • Certificate of Cloud Auditing Knowledge (CCAK)
  • GIAC Penetration Tester (GPEN)
  • Licensed Penetration Tester (LPT)
  • Certified Ethical Hacker (CEH)
  • Certified Expert Pen Tester (CEPT)
  • PenTest+
  • OSCP Certificate of Cloud Security Knowledge (CCSK)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)

Personal Qualities

  • High-level of professionalism, even in the midst of stressful engagements
  • Outstanding attention to detail
  • Self-motivated and a demonstrated self-starter
  • Highly dependable; team player willing to perform any task necessary to help team succeed
  • Ability to work on multiple projects concurrently

What do we offer in return?

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:

⏰Flexible working

💸 Financial & Investment

  • 401K - 5% Match – Vested Immediately

  • Employee Stock Purchase Plan

  • Maternity & Paternity leave

  • 15 Days Paid Vacation + 2 Floating Holidays

  • Competitive Vision, Dental, Health Insurance

🧑🏻‍🤝‍🧑🏻 Employee Referral Program

🎓 Learning & Development

👨🏿‍🦽 Diversity & Inclusion

So, what’s next?

If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and cover letter and the relevant member of our global talent team will be in touch with you. Alternatively send your details to global.ta@nccgroup.com .

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy (candidate-privacy-notice-261023.pdf (nccgroupplc.com)). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.