Job Title:
Location: Raleigh, NC -
Interview Type: Either Webcam Interview or In Person
Description:
Seeking an experienced Lead Consultant with strong technical expertise and the leadership skills necessary to develop the assessment strategy, manage the technical risk assessment team, and ensure consistent, high-quality execution across all counties.
The DHHS Privacy & Security Office is launching a large-scale cybersecurity initiative involving technical security risk assessments and penetration testing across 100 counties. This initiative covers county IT infrastructure, including servers, desktops, networks, firewalls, user access provisioning, MFA, VPNs, security hardening procedures, vulnerability management, and patch management processes. The Technical Security Risk Assessment & Penetration Testing Lead Consultant will be responsible for designing and conducting technical security assessments, performing penetration testing activities, creating standardized methodologies and templates, and managing the assessment team s assignments and project timelines. The consultant will also provide clear, non-technical communication of complex security topics to business leaders, CMS, and stakeholders.
Required/Desired Skills
Skill | Required /Desired | Amount | of Experience |
Experience in cybersecurity risk assessments and penetration testing. | Required | 7 | Years |
Lead and perform technical security risk assessments on county IT environments (servers, desktops, networks, firewalls, IAM, MFA, VPNs, patching pro | Required | 5 | Years |
Conduct internal/external penetration testing, vulnerability identification, and exploit validation | Required | 7 | Years |
Develop a repeatable assessment methodology, templates, testing procedures, and reporting formats for use across 100 counties. | Required | 5 | Years |
Manage and coordinate assessment team workloads, assignments, schedules, and deliverables. | Required | 7 | Years |
Create and maintain project plans, timelines, and progress reports. | Required | 7 | Years |
Familiarity with NIST, CIS Controls, ISO 27001, and related frameworks. | Required | 3 | Years |
Thanks,
Sumit Kumar
Sr. US IT Recruiter
Email:
Direct:
Never miss an opportunity! Create an alert based on the job you applied for.
