Cybersecurity Risk and Compliance Consultant

Cybersecurity Risk and Compliance Consultant 

POSITION OVERVIEW

The Cybersecurity Risk and Compliance Consultant responsible for conducting Cybersecurity gap assessments and ongoing consulting with our clients daily in Huntsville, Alabama. The Cybersecurity Risk and Compliance Consultant should be familiar with multiple security frameworks such as National Institute of Standards (NIST 800-171), Risk Management Framework (RMF), Cybersecurity Framework (CSF), CIS Critical Security Controls (CIS Controls), Defense Federal Acquisition Regulation Supplement (DFARS), and Cybersecurity Maturity Model Certification (CMMC).  In this position, you will conduct gap assessments through interviews and asking questions to determine the state of an environment while capturing evidence and artifacts to support the assessment results and effectively measure our client’s security posture and compliance.

Primary Duties

• Conduct Cybersecurity gap assessments and provide resulting reports
• Conduct Cybersecurity consulting engagements to assist with and partner on clients’ POA&M remediation efforts
• Manage and execute project-level tasks and milestones
• Educate clients on information security and applicable control requirements
• Baseline existing risks, exposure, framework, and compliance levels
• Advise on risk mitigation and remediation plans

Required Qualifications

• SOC (Security Operations Center) knowledge and understanding of services within
• 1 or more (1 ) years of experience in the information security field
• Experience leading information security engagements with a preference for DFARS, NIST, and CMMC assessments, as well as reporting
• Experience authoring cybersecurity policies, and procedures (to include Incident response, business continuity, disaster recovery, and more)
• One (1) or more of the following: Certified CMMC Professional (CCP), Certified CMMC Assessor (CCA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Security , or equivalent certification
• Good time management, project management and problem-solving skills
• A desire to take on roles of increasing responsibility including defining services, managing teams, and coordinating resources
• Integrity: Ethical and respectful to clients and team
• Grit: Ability to self-motivate, self-manage, and meet deadlines when faced with competing priorities
• Customer-centric: Understand that partnership with our clients is a “win-win” scenario
• Selfless: Understand that when one team member succeeds, we all succeed
• Ability to review security architecture and advise on security requirements

Supervisor Responsibilities

N/A

Knowledge, Skills, and Abilities

10 Characteristics of Every Professional at MAD Security
 

1. Customer Service and Satisfaction First. Understanding and satisfying our customers is the cornerstone to our success. We must do what is necessary to meet those needs.
2. Expertise is our Specialty. The very word professional implies expertise, and technical competence is essential to our service-oriented structure. We must become an expert in the skills and tools we use in our operations, we must perform to the best of our abilities, and we must keep our knowledge up to date.
3. Do and Deliver More Than Expected. Professionals are expected to produce results. We strive to complete deliverables before they are due, of higher quality than anticipated, and under budget. Professionals exceed expectations whenever possible.
4. Deliver on What We Say and What We Can Do. Professionals deliver on promises made. We engage our brain before speaking; Before we say we can do something, we make sure we can do it.
5. Communicate Effectively. Whether verbal or written, professionals communicate clearly, concisely, thoroughly, and accurately. Effective communication is ultimately our responsibility as a professional.
6. Follow Exceptional Guiding Principles. Professionals adhere to high ethical values and principles. We appreciate and support our co-workers, practice good manners and proper etiquette, are honest and fair in all our dealings, and have a high ethical and moral standard.
7. Praise Our Co-workers. Professionals are humble and generous in their praise for others. We respect and acknowledge the talents and capabilities of our co-workers.
8. Share Knowledge. Professionals help their peers and co-workers and are respected for doing so. Information isn't a limited resource; our minds won't be emptied by giving away kernels of wisdom or experience. We think of knowledge as an ocean of facts and not a stream of data. It is possible to share what we know and stay one step ahead of the competition — professionals simply apply themselves to learn something new daily.
9. Express Gratitude. Professionals thank others in a meaningful way that most benefits the recipient.
10. Maintain the Right Attitude. Professionals are pleasant even during trying times.

Location and Work Environment

Onsite in Huntsville, Alabama. While performing the duties of this Job Description, the employee regularly works in an office setting.

Physical Demands

The physical demands described herein are representative of those which much be met by an employee to perform the Primary Duties of this Job Description successfully.

Travel

Occasional travel may be required.

Other Duties

Please note this Job Description is intended to describe the general nature and level of work to be performed by the employee(s) assigned to this Job Title. It is not designed to contain nor be interpreted as a comprehensive and/or all-inclusive list of duties, responsibilities, and qualifications. MAD Security, LLC reserves the right to amend and/or change responsibilities to meet business and organizational needs, as necessary, with or without notice.

About MAD Security, LLC

Founded in 2010, MAD Security is a Service-Disabled Veteran-Owned Small Business (SDVOSB) and a leading Managed Security Services Provider (MSSP). We specialize in safeguarding the defense industrial base, maritime, and government contractors with tailored cybersecurity solutions. Our robust services include SOC-as-a-Service (SOCaaS), Managed Detection and Response (MDR), Incident Response, GRC Gap Assessments, User Awareness Training, and Penetration Testing.

MAD Security integrates NIST frameworks into every solution, ensuring compliance with the highest federal standards while simplifying cybersecurity challenges for our clients. Recognized as a Top 250 MSSP for four consecutive years, we excel in providing proactive threat detection and mitigation through our award-winning Security Operations Center (SOC).

As a CMMC Registered Provider Organization (RPO), we have guided numerous contractors through CMMC Level 2 readiness, achieving milestones like perfect SPRS scores of 110 for clients. Our commitment to passion, integrity, and professionalism positions us as a trusted partner for defense and government organizations.

To learn more, visit www.madsecurity.com.