Apply on Employer Site

New York State Technology Enterprise Corporation (NYSTEC) · 1 week ago

Senior Consultant - Cybersecurity Consultant

Albany, NY

Full-time

Hybrid

Mid, Senior Level

$84K/yr - $110K/yr

3+ years exp

New York State Technology Enterprise Corporation (NYSTEC) is a nonprofit technology consulting company that has been advising various agencies and organizations since 1996. As a cybersecurity consultant, you will perform security testing and risk assessments while providing expert guidance to clients in a client-facing role.

CharityInformation TechnologyNon Profit

Work & Life Balance

No H1B

Responsibilities

Conduct application security testing according to industry standards and using tools such as Burp Suite and WebInspect

Perform penetration testing of web applications, networks, and cloud infrastructure across client environments

Assess and secure cloud environments (Amazon Web Services [AWS] preferred) through configuration reviews, identity/access controls, and compliance validation

Provide advisory services to clients across multiple domains, including:

Identity and Access Management (IAM)

National Institute of Standards (NIST)-based security frameworks

Vulnerability management programs

Threat intelligence and monitoring

Prepare and deliver clear reports and presentations that communicate technical findings and recommendations to both technical and non-technical stakeholders

Collaborate with colleagues and client teams to implement and validate remediation efforts

Stay up to date with the latest vulnerabilities, tools, and security practices, and bring that expertise into client engagements

Qualification

Web security testingPenetration testingAWS cloud securityIdentityAccess ManagementNIST security frameworksVulnerability managementThreat intelligenceClient-facing experienceRelevant certificationsCommunication

Required

Background in web security testing and penetration testing methodologies and reporting

Familiarity with AWS cloud security practices and controls

Exposure to IAM, NIST, vulnerability management, and/or threat intelligence

Excellent communication skills with the ability to translate technical findings into actionable insights

Client-facing presence, with experience delivering results to both technical and executive-level stakeholders

A bachelor's degree and more than three years of related experience in cybersecurity consulting or related technical role. Experience should include hands-on, dynamic, application security testing with tools such as Burp Suite, WebInspect, and AppScan

An equivalent combination of advanced education, training, and experience will be considered

Preferred

Relevant certifications (e.g., Offensive Security Certified Professional [OSCP], Certified Ethical Hacker [CEH], AWS Security Specialty, Certified Information Systems Security Professional [CISSP]) are a plus