As a Cybersecurity and Data Privacy Consultant at Cyber Guard Pro™ , you will deliver:

• Risk Assessment & Mitigation: Conduct comprehensive security assessments to identify vulnerabilities, threats, and risks across client environments. Provide actionable recommendations and strategic guidance to improve security posture.
• Security Assessments: Perform regular internal and external security assessments and/or audits for clients, ensuring compliance with relevant security frameworks (e.g., ISO 27001, NIST, GDPR, CMMC, HIPAA PCI DSS) and industry best practices.
• AI Architecture set-up, deployment and implementation services including architecting and developing data security and privacy schema for AI, GenAI or machine learning (ML) solutions.
• Incident Response: Assist clients in responding to and recovering from security incidents, including data breaches, malware attacks, and network intrusions. Develop and implement incident response plans and procedures.
• Network & System Security: Design, implement, and optimize network and system security solutions, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security technologies, including XDR, MDR and EDR.
• Zero Trust (ZT) services that protect networks, applications, and data by enforcing strict identity authentication and authorization. This includes solutions for: multi-factor authentication (MFA) and single sign-on (SSO); macro- and micro-segmentation of networks; continuous monitoring and validation of users, devices, and workloads; dynamic access control policies; secure access service edge (SASE) and unified SD-WAN; and centralized cloud native service
• Compliance & Regulatory Consulting: Provide expert advice on cybersecurity compliance requirements, industry regulations, and help clients prepare for audits, regulatory compliance and certifications.
• Client Training & Awareness: Conduct security awareness training and provide ongoing education to clients on current threats, safe practices, phishing campaigns, and how to maintain secure digital environments.
• Cyber hygiene: help customers stay up-to-date on emerging cyber threats and technologies, and integrate these insights into client strategies, ensuring proactive risk management.

• Expertise in Cybersecurity Frameworks: Familiarity with security frameworks and standards, including NIST, ISO 27001, CIS, CMMC and GDPR.
• Network Security: In-depth understanding of firewalls, VPNs, IDS/IPS, SIEM tools, and other network security technologies.
• AI Architecture: acumen and experience architecting and developing AI, GenAI or machine learning (ML) solutions on platforms such as AWS, Databricks, Azure, Google Cloud and OpenAI. Hands-on experience with Deep Learning, LLM, Python, TensorFlow, PyTorch and other AI frameworks. Experience bringing a GenAI project through production and implementation.
• Incident Response: Proven experience in handling, analyzing, and mitigating cybersecurity incidents and breaches, including forensic analysis and reporting.
• Cloud Security: Practical experience securing cloud platforms (AWS, Azure, GCP) and expertise in cloud-native security controls, identity management, and encryption techniques.
• Security Tools & Technologies: Proficient with SOC security tools and software, including endpoint protection platforms (EPP), SIEMs, vulnerability scanning tools, and threat intelligence platforms.
• Regulatory Knowledge: Understanding of industry regulations and standards, such as GDPR, HIPAA, SOC 2, PCI DSS, NIST CSF, CMMC and how to implement them in real-world environments.
• Problem-Solving & Critical Thinking: Strong analytical skills with the ability to assess complex security issues and devise effective solutions.
• Communication & Reporting: Excellent verbal and written communication skills. Ability to clearly explain technical security concepts to both technical and non-technical stakeholders.

• Certifications: Certifications such as CISSP, CISM, CISA, CRISC, GCIH, PMP, CCSP, Microsoft Azure, AWS, GCP, CompTIA Security+, or similar industry-recognized credentials are highly desirable. Penetration Testing: Hands-on experience with penetration testing and vulnerability assessment tools (e.g., Metasploit, Burp Suite, Nessus, Kali Linux).
• Security Automation: Knowledge of automation tools and scripts (e.g., Python, PowerShell) to streamline security processes and tasks. AI Architecture

Success Factors

Exceed the expectations of our residential and business clients through superior service, simple processes, and effective communications.

We deliver on this mission by empowering our employees by encouraging and recognizing superior performance and innovative solutions, by promoting teamwork, learning and cooperation.

Primary Function

We are a Managed Security Services Provider (MSSP): This position is a SME contributor as a part of the Information Security Operations Center (SOC) group. This individual must have broad knowledge of cybersecurity related disciplines and auditing methodology. This role is a mix of Security Analyst, Helpdesk SME, GRC specialist and Auditor. The individual is responsible for Security related tasks including the day-to-day administration of the different information security monitoring and provisioning systems, controls and reviews, creation of new processes and facilitating ongoing assessments/audits.

Direct Reports: ☐ Yes ☒ No

Principal Duties

List of required duties below.

• Resource the Global Security Operations Center (SOC) located in Cape Coral, Florida. It is anticipated the person will work from this work location primarily.

• Support IT compliance program: Assist in developing, implementing, and executing our Customer’s IT compliance program.

• Identify SOX/SOC/Regulatory issues: Determine the proper root cause and provide guidance on potential remediation actions.

• Identify and address audit concerns: Recognize existing or potential issues and conduct further research, as necessary. Examples include: Segregation of Duties (SoD) concerns, improvements to processes, and evidence of approval.

• Collaborate with cross-functional teams: Interface with various departments, consultants, and vendors to participate in SOX/SOC audits and recommendations meetings.

• Liaison with auditors: Facilitate communication with external and internal auditors, acting as a liaison between auditors and the IT department.

• Align policies and procedures: Provide input to align IT and Security policies, standards, and procedures with compliance requirements.

• Support compliance with laws and regulations: Assist process owners, control owners, control performers, and compliance coordinators in ensuring controls are well-defined and compliant with applicable laws and regulations.

• Continuous monitoring: Experience in building control testing and evidence collection to efficiently collect and analyze the effectiveness of controls.

• Evaluate security and controls: Assess the security and controls of various on-premises and cloud-based technologies.

• Create documentation as needed and ensure it reflects a high level of quality.

• Additional duties as required by management.

Education and Experience

• Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent industry experience

• Holds or is working toward one or more of the following: CISSP, CISA, CRISC, CGEIT, or GRCP

• At least 3+ years' experience in cybersecurity or audit and exposure with various security frameworks.

• Experience and understanding of various regulatory requirements and laws, including but not limited to: SOX, FFIEC and GLBA. Additional experience in one or more of the following: ISO 2700X, ITIL, or NIST.

Knowledge, Skills, And Abilities

• Knowledge of IT controls and governance frameworks: Demonstrate a fundamental understanding of general computer control areas, IT governance frameworks, and Sarbanes-Oxley

• Experience with internal controls design and implementation: Possess fundamental experience in designing and implementing a system of internal controls, preferably within a large-scale management-led SOX organization.

This position requires a customer-oriented, dynamic personality that is willing to learn at a rapid rate. Empathy, understanding, a sense of humor and strong technical acumen will serve this role well. While this description is intended to be an accurate reflection of the position’s requirements, it in no way implies/states that these are the only job responsibilities. Management reserves the right to modify, add or remove duties and request other duties, as necessary.