Cybersecurity Consultant /Project Manager

Certification:

• CISSP (Certified Information Systems Security Professional) or equivalent preferred
• CISM / CISA preferred
• PMP (Project Management Professional) strongly preferred
• ISO 27001 Lead Implementer/Auditor (preferred)
• GIAC certifications (GCIH, GCIA, GSEC) a plus

Job Description:
The Lead Cybersecurity Consultant / Project Manager will serve as the primary engagement lead responsible for executing the full cybersecurity assessment, governance framework development, and roadmap delivery for the City of Norcross IT environment. This role will align city-wide cybersecurity strategy with the NIST Cybersecurity Framework, CIS Critical Security Controls v8, and applicable compliance requirements including CJIS, HIPAA (where applicable), and ISO 27001 standards.

The role includes direct coordination with Georgia Technology Authority initiatives and alignment with State and Local Cybersecurity Grant Program (SLCGP) objectives. The consultant will lead risk assessment activities, policy development, stakeholder workshops, and implementation planning to establish a Zero Trust-aligned cybersecurity governance model.

Required Skills:

• Strong expertise in NIST CSF, NIST RMF (SP 800-37), and CIS Controls v8
• Experience leading municipal or government cybersecurity transformation programs
• Proven capability in enterprise risk assessments, gap analysis, and maturity modeling
• Strong understanding of Zero Trust architecture principles
• Experience developing cybersecurity policies (IR, BC/DR, IAM, vendor risk management)
• Ability to manage multi-department stakeholder environments (IT, Police, Utilities, E-911)
• Experience with cloud security governance and hybrid infrastructure environments
• Strong program/project management skills (agile and waterfall methodologies)
• Experience supporting federally funded cybersecurity programs (e.g., SLCGP, CISA-aligned initiatives)
• Excellent communication, reporting, and executive presentation skills