*** Very long term project; initial PO for 1 year, expect to go for 4+ years ***Hybrid ( 3days per week Onsite ) at Raleigh, NC ***
Travel with NC may be required; expenses will be paid.
Short Description: Seeking an experienced Lead Consultant with strong technical expertise and the leadership skills necessary to develop the assessment strategy, manage the technical risk assessment team, and ensure consistent, high-quality execution across all counties .
Job Description:
This initiative covers county IT infrastructure including servers, desktops, networks, firewalls, user access provisioning, MFA, VPNs, security hardening procedures, vulnerability management, and patch management processes. The Technical Security Risk Assessment & Penetration Testing Lead Consultant will be responsible for designing and conducting technical security assessments, performing penetration testing activities, creating standardized methodologies and templates, and managing the assessment team’s assignments and project timelines. The consultant will also provide clear, non-technical communication of complex security topics to business leaders, CMS and stakeholders.
Skills/Requirements:
- 7+ years Experience in cybersecurity risk assessments and penetration testing.
- 5+ years Lead and perform technical security risk assessments on county IT environments (servers, desktops, networks, firewalls, IAM, MFA, VPNs, patching pro
- 7+ years Conduct internal/external penetration testing, vulnerability identification, and exploit validation
- 5+ years Develop a repeatable assessment methodology, templates, testing procedures, and reporting formats for use across 100 counties.
- 7+ years Manage and coordinate assessment team workloads, assignments, schedules, and deliverables.
- 7+ years Create and maintain project plans, timelines, and progress reports.
- 3+ years Familiarity with NIST, CIS Controls, ISO 27001, and related frameworks.
Never miss an opportunity! Create an alert based on the job you applied for.
