Check out this new opportunity!Senior Cybersecurity Risk & Compliance Consultant
Onsite in Huntsville, AL
Responsibilities:
The CRC Consultant responsible for conducting Cybersecurity gap assessments and ongoing consulting with our clients. In this position, you will conduct gap assessments through interviews and asking questions to determine the state of an environment while capturing evidence and artifacts to support the assessment results and effectively measure our client’s security posture and compliance
Conduct cybersecurity gap assessments and compliance consulting to evaluate and improve client security postures.
Lead client interviews and evidence collection for frameworks including NIST 800-171, RMF, CMMC, DFARS, and CIS Controls.
Deliver comprehensive reports detailing findings, baseline risk, and actionable remediation plans.
Provide expert guidance on POA&M remediation and mitigation strategies.
Educate clients on information security standards and applicable control requirements.
Support policy and procedure development, including incident response, business continuity, and disaster recovery plans.
Manage engagement tasks, project milestones, and client communication throughout the lifecycle.
Qualifications:
U.S. Citizenship required by Federal law and ability to obtain a DoD Clearance may be required
Bachelor’s degree in Cybersecurity, Information Systems, or related field preferred (equivalent experience considered)
Familiar with multiple security frameworks such as National Institute of Standards (NIST 800-171), Risk Management Framework (RMF), Cybersecurity Framework (CSF), CIS Critical Security Controls (CIS Controls), Defense Federal Acquisition Regulation Supplement (DFARS), and Cybersecurity Maturity Model Certification (CMMC).
In-depth knowledge of compliance frameworks including NIST 800-171, DFARS, CMMC, and RMF.
Hands-on experience leading cybersecurity assessments and writing related documentation.
Experience with SOC operations and reviewing security architecture to advise on technical controls.
Demonstrated ability to author cybersecurity policies and procedures across multiple domains.
One or more relevant certifications: CISSP, CISM, CISA, Certified CMMC Professional (CCP), Certified CMMC Assessor (CCA), or equivalent.
Occasional travel may be required.
Moseley Technical Services, Inc. is an AA/EEO/Veterans/Disabled Employer
Still have questions? Reach out toJarrett at Jarrett.Leemoseleytechnical.comWhat to ExpectMoseley Technical Services, Inc. (Moseley) was incorporated in 1994 to provide engineering and professional services to the aerospace/defense, manufacturing, government, and commercial industries. Our Mission is to deliver superior service to our customers and employees. We have been successful in our vision by building long-term relationships with customers and employees through integrity, transparency, and appreciation.
- To apply, send resume to: resumesmoseleytechnical.com
- For more active job openings: Careers at Moseley Technical
- For more information about us: Moseley Technical - Mission and Values!
"We stand by our 30 year-old commitment of “World Class Service. World Class Company.”
