Security Advisor - Privacy

CampusGuard, a Nelnet Company, provides information security services for campus-based organizations including higher education institutions, healthcare providers, city, county and state government agencies and hospitality markets. As a full-service information security firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information security & compliance services.

CampusGuard, a Nelnet company, provides information security and privacy consulting and compliance services primarily for campus-based organizations including higher education institutions, healthcare providers, state and local government agencies, utilities and hospitality markets. As a full-service firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information security & compliance services.
The Security Advisor provides information security and privacy consulting and compliance services using accepted standards, frameworks, and best practices including but not limited to NIST SPs 800-53 and 800-171, NIST CS. Security Advisors assess and report on customers’ compliance with various rules, regulations, and standards such as PCI DSS, CMMC, GDPR, FERPA, HIPAA/HITECH, GLBA, and FTC Red Flags. The Security Advisor will gather and analyze customer information, make remote and/or physical site visits, conduct interviews, make observations, take appropriate notes, perform gap analysis, review evidence and documentation, and complete reports on findings with remediation recommendations where necessary.

JOB RESPONSIBILITIES:

Security Advisors are responsible for assessing and reporting on customer business and technical environments, operations/procedures, administration of infrastructure (from the network border to endpoints and everything in-between), compliance programs, and policies and procedures, as measured against relevant industry standards. Responsibilities of the Security Advisor include, but are not limited to the following:

• Consult both onsite and remotely with customers to collect, review, and analyze data related to current institutional policies, business practices and procedures, network infrastructure, IT system configurations and physical security as it all relates to multiple compliance requirements.

• Performing gap analyses of current environments, controls, and programs.

• Review requirements with application and service providers as necessary to achieve information security and compliance objectives.

• Make recommendations for remediation steps required to achieve information security and compliance objectives.

• Upon requests from customers, the Security Advisor may review customer-prepared documents and reports, and provide feedback/guidance to ensure accuracy, or in some cases assist the customer with the preparation of required industry-standard reporting obligations.

• This is a remote work position.  Candidate must be able to work in a home office environment with minimal supervision.

• Ability to travel required (25 to 50%).

• Other duties as assigned.

Security Advisors use standardized procedures and methods to assess the security and monitor the on-going compliance of each customer:

• Perform gap assessments through interviews and physical assessments to evaluate customer networks, infrastructure and operations as it relates to compliance objectives.

• Report on findings and assist customers in remediation activities as required.

Security Advisors assist with sales and marketing activities:

• Participate in sales calls as a subject matter expert and attend conferences as appropriate.

• Prepare and perform industry-related presentations and/or webcasts.

• Other sales/marketing support duties as requested.

**Starting Pay Range for this role is - $100,000 DOE

EDUCATION & EXPERIENCE:

• Bachelor’s degree or 5 years’ experience in information security or privacy, preferably in the practical application of security/privacy controls to business systems and processes.

• Must possess at least one of the following industry-recognized audit and information security certifications:

  • Certified Information System Security Professional (CISSP)

  • Certified Information Systems Auditor (CISA)

  • Certified Information Security Manager (CISM)

  • Certified Internal Auditor (CIA)

  • GIAC Systems and Network Auditor (GSNA)

SKILLS/KNOWLEDGE/ABILITIES:

• Understanding of and familiarity with information security, compliance, and privacy frameworks and standards including NIST SP 800-171, NIST CSF, ISO 27000, GLBA, GDPR, and PCI DSS.

• Understanding of information systems, networks, and related security issues.

• Understand core compliance program elements such as policies, procedures, training, third-party oversight, device protection, inventory/scope verification, and incident response.

• Understanding of risk assessments and targeted risk analyses.

• Technical understanding of foundational IT models, such as the OSI Model, is highly desirable, along with expertise in modern technologies such as networking protocols, system architecture, cloud computing platforms, virtualization, cybersecurity principles, and emerging IT trends.

• Creating high-quality deliverables using appropriate business and technical language.

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: LINK.

Nelnet is committed to providing a welcoming and respectful workplace where all associates have the opportunity to succeed. As an Equal Opportunity Employer, we ensure that all qualified applicants are considered for employment. Employment decisions are made without regard to race, color, religion/creed, national origin, gender, sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by federal, state, or local law. We value the unique contributions of every team member and believe that a positive work environment benefits everyone.

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 or corporaterecruiting@nelnet.net.

Nelnet is a Drug Free and Tobacco Free Workplace.