Job ID: NC-788683
Hybrid/Local Security Analyst/ Program Director (15+) with NIST/CIS Controls/ISO, security servers/desktops/networks/firewalls/IAM/MFA/VPNs/patching pro experience
Location: Raleigh NC (NCDHHS Privacy and Security Office)
Duration: 12 Months
Position: 1 (2)
Skills:
Experience in cybersecurity risk assessments and penetration testing. Required 7 Years
Lead and perform technical security risk assessments on county IT environments (servers, desktops, networks, firewalls, IAM, MFA, VPNs, patching pro Required 5 Years
Conduct internal/external penetration testing, vulnerability identification, and exploit validation Required 7 Years
Develop a repeatable assessment methodology, templates, testing procedures, and reporting formats for use across 100 counties. Required 5 Years
Manage and coordinate assessment team workloads, assignments, schedules, and deliverables. Required 7 Years
Create and maintain project plans, timelines, and progress reports. Required 7 Years
Familiarity with NIST, CIS Controls, ISO 27001, and related frameworks. Required 3 Years
Job Description:
The DHHS Privacy & Security Office is launching a large-scale cybersecurity initiative involving technical security risk assessments and penetration testing across 100 counties. This initiative covers county IT infrastructure including servers, desktops, networks, firewalls, user access provisioning, MFA, VPNs, security hardening procedures, vulnerability management, and patch management processes. The Technical Security Risk Assessment & Penetration Testing Lead Consultant will be responsible for designing and conducting technical security assessments, performing penetration testing activities, creating standardized methodologies and templates, and managing the assessment team s assignments and project timelines. The consultant will also provide clear, non-technical communication of complex security topics to business leaders, CMS and stakeholders.
Never miss an opportunity! Create an alert based on the job you applied for.
