Support the planning and execution of cybersecurity risk assessments, control reviews, and compliance engagements for clients across multiple industries
Evaluate client policies, procedures, technical controls, and supporting evidence against applicable frameworks, standards, and regulatory requirements
Identify cybersecurity risks, control gaps, and process improvement opportunities, and assist in developing practical recommendations
Prepare high-quality workpapers, gap assessment summaries, reports, spreadsheets, and presentation materials
Participate in client interviews, walkthroughs, evidence review sessions, and status meetings
Map controls and requirements across frameworks such as NIST CSF, NIST 800-53, NIST 800-171, CMMC, and PCI DSS
Support or perform vulnerability assessments and limited penetration testing activities, depending on engagement scope and experience
Assist with PCI-related assessments and compliance support activities, including documentation review, scoping discussions, and control validation
Research cybersecurity requirements, industry trends, and emerging risks relevant to client engagements
Collaborate with engagement teams to manage timelines, track requests, and support project delivery
Contribute to internal methodology development, template improvement, training, and practice growth initiatives
Perform other duties as assigned
Required Qualifications
Bachelor’s degree in Cybersecurity, Information Systems, Information Technology,
Computer Science, Accounting Information Systems, or a related field
Minimum of 2 years of relevant professional experience in cybersecurity, IT risk, compliance, IT audit, security consulting, or a related field
Working knowledge of cybersecurity frameworks and standards such as NIST CSF, NIST SP 800-53, NIST SP 800-171, CMMC, CIS Controls, and/or PCI DSS
Experience assessing or reviewing security controls, policies, configurations, or evidence in a professional environment
Strong written and verbal communication skills, including the ability to clearly document observations and recommendations
Strong analytical, organizational, and problem-solving skills
Ability to manage multiple assignments and deadlines in a client service environment
Proficiency in Microsoft Office applications, including Word, Excel, and PowerPoint
Ability to handle confidential and sensitive information with discretion and professionalism
Preferred Qualifications
Experience in consulting, advisory, public accounting, internal audit, or professional services environment
Experience supporting cybersecurity assessments, gap analyses, readiness reviews, or compliance initiatives
Exposure to PCI DSS assessments, vulnerability scanning, penetration testing support, or security configuration reviews
Familiarity with cloud environments such as Microsoft Azure or AWS
Familiarity with security tools such as vulnerability scanners, endpoint tools, SIEM platforms, or ticketing/workflow systems
Industry certifications such as Security+, CySA+, CISSP, CISA, CRISC, PCI ISA, or similar are a plus
Knowledge, Skills, and Abilities
Understanding of cybersecurity principles including access management, vulnerability management, system hardening, logging and monitoring, incident response, and data protection
Ability to interpret cybersecurity requirements and apply them in real-world business and technical environments
Strong attention to detail and commitment to producing accurate, professional, and well-supported work product
Ability to communicate effectively with both technical and non-technical stakeholders
Sound judgment and the ability to identify and escalate issues appropriately
Team-oriented mindset with a willingness to collaborate and support others
Strong client service orientation and professional presence
Eagerness to continue learning and developing technical, compliance, and consulting skills