ASCERA · 23 hours ago
Security Compliance Consultant
United States
Full-time
Remote
Entry, Mid Level
2+ years expASCERA is a recognized C3PAO focused on helping organizations manage cyber risks and ensure compliance with industry standards. The Security Compliance Consultant will assist organizations in enhancing their security posture, conduct assessments for compliance certifications, and provide advisory services to clients on various compliance initiatives.
Computer & Network Security
No H1B
U.S. Citizen Only
Responsibilities
Leading cybersecurity gap assessments aligned with NIST SP 800-171 and Cybersecurity Maturity Model Certification (CMMC)
Supporting the day-to-day activities of engagements for external clients, as a contributing member of 112Cyber's customer-facing Cyber Risk & Compliance practice
Assist external customers in their FedRAMP, DFARS 7012, CMMC, and NIST 800-171 compliance initiatives
Applying cyber compliance / risk management knowledge, control principles and technical knowledge across cyber risk and compliance engagements
Consulting with end clients to gather requirements and understand our clients' key business and security challenges. Working with team members to advise on practical and cost-effective solutions to help mitigate our clients' cybersecurity risks and challenges
In depth knowledge of relevant security regulatory compliance requirements and translating those into business processes and security controls to enhance and support client's compliance and audit capabilities
Articulating and defending IT controls testing approach and performing test of design and operating effectiveness
Develop and deliver training to internal teams and customers
Establishing and maintaining effective working relationships with colleagues, existing clients, and prospective client organizations
Supporting the ASCERA product team and advising them on NIST continuous monitoring software
Conducting formal assessments of organizations' cybersecurity practices using the CMMC assessment process (CAP)
Collaborate with client organizations to plan assessments, develop assessment schedules, and ensure readiness
Assess the effectiveness of security practices and ensure they align with the CMMC practices and processes
Interview key personnel within the organization to understand how cybersecurity practices are implemented and maintained
Evaluate sufficiency and adequacy of evidence to verify implementation
Maintain an objective and unbiased stance during the assessment process, ensuring that conclusions are based on facts and evidence
Ensure that all documentation is properly prepared for submission to eMASS if the organization is seeking certification
Qualification
Required
CMMC Certified Assessor (CCA) or Certified Professional (CCP)
Security+, CySA+, CISA, CISM, SSCP, CISSP or other related certification
2 minimum years of experience testing and documenting IT security controls including experience managing and facilitating external IT audits
2 minimum years of experience leading external or internal audits, e.g., CMMC, FedRAMP, ISO 27001, PCI
2 minimum years of experience with cybersecurity
Self-driven, with a strong desire to succeed
Ability to engage with customers/executives and foster positive relationships
Exceptional communicator and ability to relay complex technical concepts to non-technical audience
Benefits
Competitive salary
Quarterly Bonus plan
Comprehensive medical, dental, and vision plans
401(k) with company match
30 days annual paid time off
Significant Training and Development and Certification attainment
Opportunity for long term career advancement
Your contributions are felt and recognized at our growing company
Company
ASCERA
ASCERA is a next-generation compliance software company focused on leveraging automation to minimize the pain of manual, administrative, and time-consuming tasks associated with security compliance.
11-50 employees
Funding
Current Stage
Early StageLeadership Team
Russ Miller
CTO
Company data provided by crunchbase