Details
Posted: 29-Apr-22
Location: Chicago, Illinois
Type: Full Time
Additional Information:
Telecommuting is allowed.
CampusGuard, a Nelnet Company, provides information security services for campus-based organizations including higher education institutions, healthcare providers, city, county and state government agencies and hospitality markets. As a full-service information security firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world-class information security & compliance services.
The Security Advisor is responsible for assessing a customer's business and operating environment to evaluate its information security status and its compliance with various rules and laws such as PCI DSS, FERPA, HIPAA/HITECH, GLBA, and Red Flags, and for providing information security consulting services using various industry-accepted standards including but not limited to NIST SP 800-171, SP 800-30 and ISO 27001. The Advisor will gather and analyze customer information, make site visits, perform gap analysis and make remediation recommendations where necessary. Advisors complete reports on findings, consult with customers on an ongoing basis, perform periodic activities with customers to ensure continued compliance, and provide sales support as needed.
JOB RESPONSIBILITIES:
Security Advisors are responsible for assessing and reporting on client business and operating environments, network infrastructure, and policies and procedures related to compliance and other relevant industry standards.
Responsibilities include, but are not limited to, the following:
1. Consult both on and offsite with customers to collect, review, and analyze data related to current institutional policies, business practices and procedures, network infrastructure, IT system configurations and physical security as it all relates to multiple compliance requirements.
2. Develop work plans for relevant departments by performing gap analysis of the current environment with specific compliance requirements.
3. Review requirements with application and service providers as necessary to achieve information security and compliance objectives.
4. Make recommendations for remediation steps required to achieve information security and compliance objectives.
5. At the conclusion of the assessment, the Security Advisor will assist the customer with the preparation of all required industry-standard reporting obligations.
6. This is a remote work position. Candidate must be able to work in a home office environment with minimal supervision.
7. Ability to travel required (potentially up to 50%). CampusGuard will continue to closely monitor the COVID-19 reported cases by state. Currently, business travel is evaluated on a case-by-case basis.
Security Advisors use standardized procedures and methods to assess the security and monitor the on-going compliance of each customer:
1. Perform gap assessments through interviews and physical assessments to evaluate customer networks, infrastructure and operations as it relates to information security and compliance objectives.
2. Report on findings and assist customers in remediation activities as required.
Security Advisors assist with sales and marketing activities:
1. Participate in sales calls as an industry expert
2. Attend conferences as appropriate
3. Prepare and perform industry-related presentations and/or webcasts
4. Other sales/marketing support duties as requested
Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program.
Colorado residents: pay range for this position starts at $90K and up, varies based on experience.
Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance.
Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 or corporaterecruiting@nelnet.net.
Nelnet is a Drug Free and Tobacco Free Workplace.
Note: Candidate must agree to prepare for and pass the PCI Qualified Security Assessor (QSA) certification and any other certifications as directed by his or her manager.
EXPERIENCE:
Minimum acceptable work experience requirements: If a candidate does not satisfy any of the above education criteria or certificates, he or she must have a minimum of five years of relevant information security experience or proof of other recognized security certifications.
SKILLS/KNOWLEDGE/ABILITIES:
1. Candidate must be able to travel to customer locations.
2. Candidate must be able to analyze technical/network diagrams and specifications.
3. Candidate must be highly skilled in system administration for Windows, UNIX and network administration.
4. Candidate must understand and be able to communicate security parameter implementations in Windows and UNIX systems.
5. Candidate must have experience in network architecture development.
6. Candidate must have experience in configuring security appliances (e.g. firewalls, intrusion detection systems, etc.).
7. Candidate must be familiar with Web application development and various Web server systems.
8. Candidate must be able to write technical reports and provide analyses that will be read by customer management.
9. Candidate must be able to make easily-understood and well-received oral presentations to customer personnel.
COMPETENCIES:
1. Understanding of Industry-standard and Government-issued information security standards and their applicability, including but not limited to NIST and ISO standards.
2. Understanding of Higher Education, Healthcare, and Government institutions and their structures, operations and security needs.
3. Understanding of the Payment Card Industry Structure (models, stakeholders, data flow).
4. Understanding of payment card data (types of cards, data elements, authentication technologies, etc.).
5. Understanding of information systems, networks and related security issues.
6. Understanding of the differences between security breach, data compromise, and fraud.
7. Ability to efficiently write summarized and detailed Findings Reports.