CampusGuard, a Nelnet company, provides information security and privacy consulting and compliance services primarily for campus-based organizations including higher education institutions, healthcare providers, state and local government agencies, utilities and hospitality markets. As a full-service firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information security & compliance services.
The Security Advisor provides information security and privacy consulting and compliance services using accepted standards, frameworks, and best practices including but not limited to NIST SPs 800-53 and 800-171, NIST CS. Security Advisors assess and report on customers’ compliance with various rules, regulations, and standards such as PCI DSS, CMMC, GDPR, FERPA, HIPAA/HITECH, GLBA, and FTC Red Flags. The Security Advisor will gather and analyze customer information, make remote and/or physical site visits, conduct interviews, make observations, take appropriate notes, perform gap analysis, review evidence and documentation, and complete reports on findings with remediation recommendations where necessary.

JOB RESPONSIBILITIES:

Security Advisors are responsible for assessing and reporting on customer business and technical environments, operations/procedures, administration of infrastructure (from the network border to endpoints and everything in-between), compliance programs, and policies and procedures, as measured against relevant industry standards. Responsibilities of the Security Advisor include, but are not limited to the following:

• Consult both onsite and remotely with customers to collect, review, and analyze data related to current institutional policies, business practices and procedures, network infrastructure, IT system configurations and physical security as it all relates to multiple compliance requirements.

• Performing gap analyses of current environments, controls, and programs.

• Review requirements with application and service providers as necessary to achieve information security and compliance objectives.

• Make recommendations for remediation steps required to achieve information security and compliance objectives.

• Upon requests from customers, the Security Advisor may review customer-prepared documents and reports, and provide feedback/guidance to ensure accuracy, or in some cases assist the customer with the preparation of required industry-standard reporting obligations.

• This is a remote work position.  Candidate must be able to work in a home office environment with minimal supervision.

• Ability to travel required (25 to 50%).

• Other duties as assigned.

Security Advisors use standardized procedures and methods to assess the security and monitor the on-going compliance of each customer:

• Perform gap assessments through interviews and physical assessments to evaluate customer networks, infrastructure and operations as it relates to compliance objectives.

• Report on findings and assist customers in remediation activities as required.

Security Advisors assist with sales and marketing activities:

• Participate in sales calls as a subject matter expert and attend conferences as appropriate.

• Prepare and perform industry-related presentations and/or webcasts.

• Other sales/marketing support duties as requested.

EDUCATION & EXPERIENCE:

• Bachelor’s degree or 5 years’ experience in information security or privacy, preferably in the practical application of security/privacy controls to business systems and processes.

• Must possess at least one of the following industry-recognized audit and information security certifications:

  • Certified Information System Security Professional (CISSP)

  • Certified Information Systems Auditor (CISA)

  • Certified Information Security Manager (CISM)

  • Certified Internal Auditor (CIA)

  • GIAC Systems and Network Auditor (GSNA)

SKILLS/KNOWLEDGE/ABILITIES:

• Understanding of and familiarity with information security, compliance, and privacy frameworks and standards including NIST SP 800-171, NIST CSF, ISO 27000, GLBA, GDPR, and PCI DSS.

• Understanding of information systems, networks, and related security issues.

• Understand core compliance program elements such as policies, procedures, training, third-party oversight, device protection, inventory/scope verification, and incident response.

• Understanding of risk assessments and targeted risk analyses.

• Technical understanding of foundational IT models, such as the OSI Model, is highly desirable, along with expertise in modern technologies such as networking protocols, system architecture, cloud computing platforms, virtualization, cybersecurity principles, and emerging IT trends.

• Creating high-quality deliverables using appropriate business and technical language.

**Pay Range for this role is - $110,000 - $125,000

Please note that we are unable to provide visa sponsorship for this position. To be considered, candidates must already be authorized to work in the United States without the need for current or future sponsorship.

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: .