Security Advisor - IT Security and Privacy

CampusGuard, a Nelnet Company, provides information security services for campus-based organizations including higher education institutions, healthcare providers, city, county and state government agencies and hospitality markets. As a full-service information security firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information security & compliance services.

CampusGuard, a Nelnet company, provides cybersecurity and compliance services for campus-based organizations including higher education institutions, healthcare providers, state and local government agencies, utilities and hospitality markets. As a full-service firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information cybersecurity & compliance services.

The Security Advisor provides information security and compliance consulting services using accepted standards, frameworks, and best practices including but not limited to NIST SPs 800-53 and 800-171, NIST CSF, and ISO 27001. Security Advisors assess and report on customers’ compliance with various rules, regulations, and standards such as CMMC, GDPR, FERPA, HIPAA/HITECH, GLBA, and FACTA Red Flags. The Security Advisor will gather and analyze customer information, make remote and/or physical site visits, conduct interviews, make observations, take appropriate notes, perform gap analysis, review evidence and documentation, and complete reports on findings with remediation recommendations where necessary. Security Advisors provide ongoing consultation services to customers via recurring and ad-hoc meetings and email communications, and assist with periodic support activities, such as tabletop exercises and facilitating risk assessments, to ensure continued compliance. The Security Advisor provides sales support in the form of conference attendance/presentations, collaborates with Customer Relationship Manager (CRM) partners, and performs other tasks as needed/assigned, including but not limited to time entry, internal meetings, creating/revising both internal- and customer-facing documents and tools, and attending training seminars/webinars.

JOB RESPONSIBILITIES:

Security Advisors are responsible for assessing and reporting on customer business and technical environments, operations/procedures, administration of infrastructure (from the network border to endpoints and everything in-between), compliance programs, and policies and procedures, as measured against relevant industry standards. Responsibilities of the Security Advisor include, but are not limited to the following:

• Consult both onsite and remotely with customers to collect, review, and analyze data related to current institutional policies, business practices and procedures, network infrastructure, IT system configurations and physical security as it all relates to multiple compliance requirements.
• Performing gap analyses of current environments, controls, and programs.
• Review requirements with application and service providers as necessary to achieve information security and compliance objectives.
• Make recommendations for remediation steps required to achieve information security and compliance objectives.
• Upon requests from ongoing customers, the Security Advisor may review customer-prepared documents and reports, and provide feedback/guidance to ensure accuracy, or in some cases assist the customer with the preparation of required industry-standard reporting obligations.
• This is a remote work position. Candidate must be able to work in a home office environment with minimal supervision
• Ability to travel required (potentially up to 50%).
• Other duties as assigned.

Security Advisors use standardized procedures and methods to assess the security and monitor the on-going compliance of each customer:

• Perform gap assessments through interviews and physical assessments to evaluate customer networks, infrastructure and operations as it relates to compliance objectives.
• Report on findings and assist customers in remediation activities as required.

Security Advisors assist with sales and marketing activities:

• Participate in sales calls as an industry expert, and attend conferences as appropriate.
• Prepare and perform industry-related presentations and/or webcasts.
• Other sales/marketing support duties as requested.

Pay Range for this role is: $90,000 DOE

EDUCATION:

• Minimum acceptable education requirements: Bachelor’s degree, and/or 5 years’ experience in the information security industry (preferably at an institution of higher education).
• Minimum acceptable certification requirements: Possess industry-recognized audit and information security certification(s) including one or more of the following: Certified Information System Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Internal Auditor (CIA), GIAC Systems and Network Auditor (GSNA).

EXPERIENCE:

Minimum acceptable work experience requirements: If a candidate does not satisfy any of the above education criteria or certificates, he or she must have a minimum of five years of relevant information security experience or proof of other recognized security certifications.

SKILLS/KNOWLEDGE/ABILITIES:

• Understanding of and familiarity with information security, compliance, and privacy frameworks and standards including NIST SP 800-171, NIST CSF, ISO 27001, GLBA, GDPR, PCI, and other standards.
• Understanding of Higher Education, Healthcare, and Government institutions and their structures, operations, and security needs.
• Understanding of the Payment Card Industry Structure (models, stakeholders, data flow).
• Understanding of information systems, networks, and related security issues.
• Understand core compliance program elements such as policies, procedures, training, third-party oversight, device protection, inventory/scope verification, and incident response.
• Understanding of risk assessments and targeted risk analyses.

CREATIVE PROBLEM-SOLVING OMPETENCIES:

• Collaborating, identifying, and addressing customer needs through relationship building and understanding customer’s business and needs.
• Familiarity with Education, Healthcare, and Government institution and their structures, operations, and security needs.
• Understanding of information systems, networks, and related security issues.
• Communicating in written, verbal, and video formats.
• Communicating both quantitative and qualitative analyses.
• Creating high-quality deliverables using appropriate business and technical language.

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: LINK.

Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance.

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 or corporaterecruiting@nelnet.net.

Nelnet is a Drug Free and Tobacco Free Workplace.

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: LINK.

Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance.

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 orcorporaterecruiting@nelnet.net.

Nelnet is a Drug Free and Tobacco Free Workplace.