Cybersecurity Consultant

Synagex isn’t your average Managed Service Provider (MSP) or Registered Practitioner Organization (RPO). Our mission is to provide a unique blend of managed IT services, and specialized Cybersecurity and CMMC advisory capabilities. At Synagex, we take the complexity of the CMMC process and make it more accessible – and delivered in a way that is easy, engaging, and fun. We are looking for a Cybersecurity Consultant to join our RPO consulting team and play a key role in helping our clients achieve cybersecurity maturity and CMMC compliance.

This unique role will allow you to work with a team of cybersecurity professionals in a fast-paced environment. You will be responsible for providing CMMC or NIST-based cybersecurity consulting services to our clients, including conducting assessments, developing reports, policy consulting and supporting the implementation of security controls.

The ideal candidate isn't just a cybersecurity expert; you also embody our core values. You are passionate about cybersecurity and eager to "Send IT" by tackling complex CMMC requirements head-on, delivering detailed reports with precision, and being in it to win for our clients. You "Be the Tank" by proactively supporting your team, sharing your knowledge, and assisting with complex documentation. And you know how to "Tear IT up" by celebrating successes, both big and small, and balancing hard work with a great attitude.

This position is based at our Pittsfield, MA headquarters, with remote flexibility available for candidates located in the Northeast.

Responsibilities

·        Provide security and CMMC-related awareness training.

·        Contribute to partner webinars.

·        Lead assessment scoping meetings.

·        Conduct on-site gap assessments, which may require overnight travel, for clients within driving distance of your location.

·        Conduct virtual assessments for non-local customers.

·        Serve as a virtual note-taker to assist the lead consultant during assessments.

·        Develop System Security Plan (SSP) and Plan of Action and Milestones (POAM) reports using a GRC platform.

·        Review assessment reports created by other consultants to ensure we deliver a consistent and high-quality work product.

·        Develop network or data flow diagrams and asset inventories.

·        Cybersecurity policy development and consulting.

·        Mentor junior consultants during their onboarding and first year as a consultant.

Experience

·        5 years of work experience in cybersecurity, including security engineering, architecture, operations, offensive testing, consulting or Governance, Risk, and Compliance (GRC).

·        Experience performing Cybersecurity Maturity Model Certification (CMMC) gap assessments.

·        Experience working with a variety of contractor types operating in the Defense Industrial Base.

Education

·        Required Certifications:

--One of the following fundamental cybersecurity certifications: (ISC)2 CC, CompTIA Security , or Google Cybersecurity Certificate.

--CMMC Certified Professional (CCP).

·        Strong understanding of NIST frameworks, including at a minimum CSF, 800-53, 800-171, and 800-30.

·        In-depth knowledge of the Cybersecurity Maturity Model Certification (CMMC) framework.

·        Understanding of key security domains, including:

--Access Control

--Identification and Authentication

--Defense in depth

--Zero Trust principles

--Security program management

--Risk management

--Incident detection and response

·        Knowledge and experience with technology and security services supporting:

--Networking

--Cloud (IaaS, SaaS,…)

--Remote Monitoring and Management (RMM)

--Endpoint Detection and Response (EDR)

--Managed Detection and Response (MDR) / Security Information and Event Management (SIEM)

--Identity and Access Management (IAM)

--Security awareness training

--Vulnerability management

--Configuration management

Skills

·        Demonstrate exceptional communication skills, both verbal and written.

·        Be able to translate CMMC language into plain English and explain the intent of the requirements.

·        Be an active listener.

·        Possess a growth mindset and continually invest in training, webinars or networking events to keep a finger on the technology and cybersecurity pulse.

·        Have a positive and can-do attitude. Enjoy the process of solving a problem.

·        Enjoy collaboration and proactively contribute to the team’s overall success.

Requirements

·        Due to contractual obligations concerning CMMC (Cybersecurity Maturity Model Certification) compliance and ITAR (International Traffic in Arms Regulations) requirements, all applicants must be United States Citizens.

·        Valid drivers license

·        Background check