Security Consultant

Infotek is seeking a CMMC Pre-Assessment Security Consultant to support clients in achieving Cybersecurity Maturity Model Certification (CMMC) readiness. The ideal candidate will conduct pre-assessment evaluations, identify gaps in compliance, and provide actionable recommendations for system security enhancements. Key responsibilities include preparing detailed reports, assisting with policy and procedure documentation, and providing customer training on security tools and best practices. This role requires a CyberAB Registered Professional (RP) certification, CompTIA Security+ Certification, and a strong understanding of the CMMC framework and cybersecurity standards. This role will also be part of the internal security team to assist in maintaining and enhancing our FEDRAMP (M) Ready status.

Conduct pre-assessment evaluations of client systems against CMMC requirements.

Collaborate with clients to identify and document gaps in compliance.

Provide actionable recommendations to address deficiencies and achieve CMMC readiness.

Create and maintain comprehensive documentation, including system security plans (SSPs), plans of action and milestones (POA&Ms), and other compliance artifacts.

Stay up to date with CMMC framework updates and cybersecurity best practices.

Communicate technical findings to non-technical stakeholders effectively.

Support the preparation and submission of compliance reports as needed.

Engineer, implement and monitor security measures for the protection of computer systems, networks and information

Identify and define system security requirements

Assist designing computersecurity architecture and develop detailed designs

Prepare and document standard operating procedures and protocols

Configure and troubleshoot security infrastructure devices

Assist developing and develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks

Facilitate rapid incident response by ensuring the company quickly gathers and understands critical details about security incidents.

Prepare detailed reports that include assessment findings, outcomes, and recommendations to enhance system security.

Stay proficient in using various security tools and appliances and perform tasks as directed by management to support the organization's security goals.

Develop temporary or permanent security reports for customers, tailored to their specific needs and requests.

Provide incident summaries and actionable recommendations for security audits, as requested or assigned by management.

Schedule and execute regular maintenance activities to ensure optimal security operations.

Requirements

Strong understanding of networking principles, including TCP/IP, WANs, LANs, and commonly used protocols/standards such as DHCP, DNS, SMTP, HTTP(S), SSH, 802.11, 802.1x, and NetFlow.

Proficiency with encryption standards and tools, particularly in relation to FIPS compliance.

Hands-on experience with syslog management solutions and their application in security environments.

Familiarity with a wide range of information security tools and utilities.

Expertise in working with Microsoft Windows environments, including commands and system utilities.

Solid experience implementing and maintaining network security best practices.

Knowledge of IT audit processes and procedures, including compliance evaluations.

At least three (3) years of experience in a dedicated information security role.

A minimum of five (5) years of professional experience in a related information technology role.

CyberAB Registered Professional (RP) certification (required).

CompTIA Security+ Certification or other leading industry certification CISM, CISSP, CASP (required)

Strong understanding of the CMMC framework and its levels of certification.

Experience with NIST 800-171, DFARS 252.204-7012, and related compliance frameworks.

Proficiency in identifying, analyzing, and remediating cybersecurity risks.

Excellent written and verbal communication skills.

Strong organizational skills and attention to detail.

Ability to work independently and collaboratively in a team environment.

Experience working in a consulting role.

Familiarity with tools and platforms used for compliance management (e.g., eMASS, Risk Management Framework tools).

Background in IT systems, cybersecurity, or related field.

Benefits

Infotek Consulting offers an excellent benefits package that includes 100% fully paid employee only Health Coverage, 401k plan with company match, HSA with a company contribution, Healthcare FSA, Dependent Care FSA, generous PTO, holidays, sick time, and two paid days to volunteer your time for a cause important to you.

• Competitive pay
• Incentive compensation
• 100% company-paid employee-only health insurance
• Health Savings Account with a company contribution
• Healthcare Flexible Spending Account
• Dependent Care Flexible Spending Account
• 401K with company match
• Company provided basic life insurance
• Generous Paid Time Off
• Paid volunteer time
• Employee assistance plan
• Compensation range $65K-$80K
• And more!!!

#LI-Remote

Qualification

Certification