Nelnet

CampusGuard - Information Security Advisor

US-Remote
4 months ago
Job ID
2017-5180
# of Openings
2
Category
Information Technology

Overview

This is a remote position enabling you to work from your dedicated home office environment.

CampusGuard focuses primarily on the needs of campus-based organizations including higher education institutions, healthcare providers, city, county and state government agencies and hospitality markets. All of our staff have experience working with the unique needs of these campus-based environments. Our primary focus is assisting organizations with achieving compliance with the Payment Card Industry Data Security Standard (PCI DSS) and the Health Information Privacy and Accountability Act (HIPAA); in addition, we are a full-service cybersecurity firm experienced in all industry-standard compliance and information security issues.

The Security Advisor is responsible for assessing a customer's business and operating environment to evaluate its compliance status against various rules and laws such as PCI DSS, FERPA, HIPAA/HITECH, GLBA and Red Flags, and for providing information security consulting services using various industry-accepted standards including but not limited to NIST SP 800-171, SP 800-30 and ISO 27001. The Advisor will gather and analyze customer information, make site visits, perform gap analysis and make remediation recommendations where necessary. Advisors complete reports on findings, consult with customers on an ongoing basis, perform periodic activities with customers to ensure continued compliance, and provide sales support as needed.

Responsibilities

Advisors are responsible for assessing and reporting on client business and operating environments, network infrastructure, and policies and procedures related to compliance and other relevant industry standards. Responsibilities include, but are not limited to, the following:

  1. Consult both on and offsite with customers to collect, review, and analyze data related to current institutional policies, business practices and procedures, network infrastructure, IT system configurations and physical security as it all relates to multiple compliance requirements.
  2. Develop work plans for all affected campus departments by performing gap analysis of the current environment with specific compliance requirements.
  3. Review requirements with application and service providers as necessary to achieve compliance.
  4. Make recommendations for remediation steps required to achieve compliance.
  5. At the conclusion of the assessment, the Advisor will assist the customer with the preparation of all required reporting obligations, such as a PCI DSS Attestation of Compliance or, if appropriate, a Report on Compliance, as well as any other industry standard reporting requirements.
  6. Be able to work in a home office environment with minimal supervision.
  7. Ability to travel required (50%).

Advisors use standardized tools and procedures to monitor the on-going compliance of each customer:

  1. Perform vulnerability scanning and penetration testing to evaluate customer networks and Web infrastructure as it relates to compliance objectives.
  2. Report on findings and assist customers in remediation activities as required.

Advisors assist with sales and marketing activities:

  1. Participate in sales calls as an industry expert
  2. Attend conferences as appropriate
  3. Prepare and perform industry-related presentations and/or webcasts
  4. Other sales/marketing support duties as requested

Qualifications

EDUCATION:

  1. Minimum acceptable education requirements: Bachelor’s degree, and/or 5 years’ experience in the information security industry (preferably at an institution of higher education)
  2. Minimum acceptable certification requirements: Possess industry-recognized security certification(s) including one or more of the following: Certified Information System Security Professional (CISSP) (preferable), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM).

Note: Candidate must agree to prepare for and pass the PCI Qualified Security Assessor (QSA) certification and any other certifications as directed by his or her manager.

EXPERIENCE:

Minimum acceptable work experience requirements: If a candidate does not satisfy any of the above education criteria or certificates, he or she must have a minimum of five years of relevant information security experience or proof of other recognized security certifications.

COMPETENCIES - SKILLS/KNOWLEDGE/ABILITIES:

  1. Candidate must be able to travel to customer location
  2. Candidate must be able to analyze technical/network diagrams and specifications
  3. Candidate must be highly skilled in system administration for Windows, UNIX and network administration.
  4. Candidate must understand and be able to communicate security parameter implementations in Windows and UNIX systems.
  5. Candidate must have experience in network architecture development.
  6. Candidate must have experience in firewall configuration, Intrusion Detection systems, Penetration Testing.
  7. Candidate must be familiar with Web application development and various Web server systems.
  8. Candidate must be able to write technical reports and analyses that will be read by customer management
  9. Candidate should be able to make easily understood and well received oral presentations to customer personnel
  10. Understanding of information processing networks and related security issues
  11. Understanding of industry-standard information security standards and their applicability.
  12. Understanding of Higher Education, Healthcare, and Government institutions and their structure
  13. Understanding of the Payment Card Industry Structure (models, stakeholders, data flow)
  14. Understanding of payment card data (types of cards, data elements, authentication technologies, etc.)
  15. Understanding of transaction processing for different payment types.
  16. Understanding of differences between security breach, data compromise, and fraud
  17. Understanding of unique campus-based environments, structures, operations, and security needs

EEO Statement

Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance. Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Nelnet Talent Acquisition & Recruiting.

Nelnet is a Drug Free and Tobacco Free Workplace.
