KLC Consulting, Inc.
Requirement for: Director, IT Risk Compliance – Tallahassee, FL
Contact: Maggie Manning: ,
Client: Florida Department of Corrections, Carlton Building at 501 South Calhoun Street and 315 South Calhoun Street, Tallahassee, FL
Due Date: May 4, 2026 by 10am EST
Term May 15, 2026 through June 30, 2026 with a possible one (1) year renewal term
The Department''s OIT is seeking the services of an experienced IT Risk Compliance Director.
LOCATION: The work shall be conducted on-site with the Department''s OIT at the Carlton Building at 501 South Calhoun Street and 315 South Calhoun Street, Tallahassee, Florida
SCOPE OF WORK/JOB CHARACTERISTICS: The IT Risk Compliance Director shall provide on-demand cybersecurity staff augmentation services to support the Department in proactively identifying, analyzing, and mitigating cybersecurity risks across its enterprise environment. The IT Risk Compliance Director services shall include, but are not limited to:
· Conduct comprehensive vulnerability assessments using industry-standard tools and methodologies;
· Perform penetration testing using a structured approach progressing from passive to active techniques;
· Identify and analyze Indicators of Compromise (IOCs), unauthorized access attempts, and data exfiltration risks;
· Manage misconfigurations and insecure network services;
· Apply and interpret Common Vulnerability Scoring System (CVSS) for risk prioritization;
· Conduct threat hunting activities to detect active or persistent threats within enterprise environments; and
· Provide incident response support, including containment, eradication, and recovery recommendations.
NOTE: This position is designated as “essential staff” and is expected to report for duty when instructed to do so in times of emergency or potential emergency as required by Section 33-208.002(4), Florida Administrative Code (F.A.C.)
NOTE: In addition to the above list, the selected Candidates must successfully complete a Level II Background Check.
Submissions Must Include
1. Candidate Resume(s) Include relevant experience, certifications, education, etc. related to the services requested in the Scope of Services.
2. Knowledge, Skills, and Abilities Matrix
3. References
4. Exhibit E - Resume Self-Certification Form
5. All selected candidates are required to complete the Department''s Security Awareness Training within 30 calendar days of hire.
Must Complete the following Education, Experience, and Skills Matrices
Education | Degree / Date of Graduation | University / School |
A bachelor’s or master’s degree from an accredited college or university in Computer Science, Information Systems, or other related field, | | |
Equivalent Experience | Years of Experience |
Or four (4) years of equivalent work experience is required. Relevant experience may be substituted for education on a year-for-year basis when applicable. | |
Preferred Relevant Industry Certifications | Certification # / Date of Certification | Certifier |
Certified Information Systems Security Professional (CISSP) | | |
Certified Ethical Hacker (CEH) | | |
Offensive Security Certified Professional (OSCP) | | |
Global Information Assurance Certification (GIAC) | | |
Certified Information Security Manager (CISM) | | |
Certified Information Systems Auditor (CISA) | | |
Other | | |
Required Experience, Skills, and/or Knowledge | Years of Experience | Year Skills Last Used |
Demonstrated experience providing cybersecurity services for large, complex enterprise environments, preferably within government or criminal justice agencies; | | |
Proven track record delivering threat hunting, vulnerability assessments, penetration testing (internal and external), and incident response services; | | |
Experience supporting environments subject to Criminal Justice Information Services (CJIS) Security Policy requirements; | | |
Ability to provide advisory services, including cybersecurity strategy, governance, risk, and compliance (GRC), and remediation planning; | | |
Minimum five (5) or more years of hands-on cybersecurity experience in one or more of the following: threat hunting and threat intelligence, penetration testing and ethical hacking, vulnerability management, and Incident response and digital forensics; and | | |
Demonstrated experience operating in both offensive security roles (e.g., red team, penetration testing) and defensive security roles (e.g., Security Operations Center [SOC], blue team, and incident response). | | |
Preferred Qualifications | Years of Experience | Year Skills Last Used |
Experience conducting red team and adversarial simulation exercises; | | |
Ability to support cybersecurity roadmap development and maturity assessments; | | |
Experience integrating with client Managed Service Providers (MSPs) and internal IT teams. | | |
References:
Reference 1
Reference contact’s name | |
Organization name | |
Job title held by the candidate while employed or contracted | |
Direct telephone number | |
Email address | |
Reference 2
Reference contact’s name | |
Organization name | |
Job title held by the candidate while employed or contracted | |
Direct telephone number | |
Email address | |
Reference 3
Reference contact’s name | |
Organization name | |
Job title held by the candidate while employed or contracted | |
Direct telephone number | |
Email address | |
Information Technology Staff Augmentation Services
Contract No. 80101507-23-STC-ITSA
Contract Exhibit E
Resume Self-Certification Form
Contractor’s candidates shall complete this Resume Self-Certification Form. Completed Resume Self-Certification Forms shall be submitted within the Contractor’s response to Customer’s requests for quote.
“I the undersigned do hereby certify, under the penalty of perjury, that information in my resume submitted for consideration of the State of Florida contract position is true, correct, complete, and made in good faith to the best of my knowledge and belief. If an omission, falsification, misstatement, or misrepresentation has been made regarding my education, work ability, experience, employment history, and/or fitness for employment as a contractor, I may be disqualified as a contractor, and the matter will be reported to appropriate agency or law enforcement personnel. I understand that there may be civil and/or criminal penalties for misrepresenting pertinent information in connection with contract positions, including, but not limited to, penalties available under sections 287.133 or 817.566, Florida Statutes. I further understand that if I am not a United States citizen, violation cases may be reported to the US Department of Homeland Security for potential deportation.”
“In addition, I the undersigned do hereby consent to the release of my information by employers, educational institutions, law enforcement agencies, and other individuals and organizations to investigators and other authorized agents of Florida for verification and investigation purposes.
I understand that any documents submitted to procure a contract(s) with the State of Florida, including resumes, are public records.”
Print Full Legal Name of Candidate
Candidate’s Signature Date
Candidate’s Form of Identification Presented Identification number
Contractor’s Witness Signature One Date Contractor’s Witness Signature Two Date
Print Name Contractor’s Witness One Print Name Contractor’s Witness Two
Never miss an opportunity! Create an alert based on the job you applied for.
