The Opportunity

NCC Group is always looking for amazing people to join our team. Government Services supports clients in meeting their legal and regulatory compliance requirements specifically related to the U.

S. Government. This role is for individuals with a few years of security consulting experience or those who can immediately contribute at an associate level.

The Challenge :

We are looking for people with :

• Experience with FedRAMP, StateRAMP, NIST 800-171 and NIST 800-53
• Demonstrated experience of four (4) areas of Technical Competency, and subject matter expertise in one or more areas
• Authored or assisted with final deliverable documentation for engagements
• Performed final review and QA on deliverables
• The ability to assist with medium to large complex projects and supervise contributing resources
• Developed and delivered complex reports related to regulatory compliance
• Presented findings and recommendations to technical and executive audiences

Essential Skills :

At NCC Group we are passionate about passionate people. We are looking for an individual who thrives in an ever-changing environment;

someone who can work with multiple teams to get the job done and deliver great work.

Required Candidate Attributes / Skills :

• Minimum of 2 years of experience in professional services
• Minimum of 2 years of experience in a Government Services

Technical Competencies (included, but not limited to) :

• Server / desktop operating systems (Windows, MacOSX, Linux, etc.)
• Office productivity tools; Word, Excel, and PowerPoint
• Data analytics; Access, MySQL, etc.
• Programming and / or scripting languages; Python, PowerShell, Linux shell scripting, etc.
• Compliance Assessment Standards
• FISMA / RMF for DoD IT
• FedRAMP
• CMMC / NIST SP 800-171
• Penetration Testing and Vulnerability Scanning of Government Systems per FedRAMP PMO / DoD Guidance, NIST SP 800-115, Cyber Essentials, OSSTM
• Physical Security Assessment to address FISMA, FedRAMP, DoD, CMMC and ISO / ISA requirements
• Risk Assessment per NIST SP 800-30 and SP 800-39
• Common Vulnerability Scoring System
• Third Party / Vendor Risk Assessment as per NIST SP 800-53 rev 5
• Security and Compliance Frameworks
• NIST FIPS, SPs, NISTIRs and other NIST publications
• ISO / IEC and ISA

Relevant Professional Certifications :

• Certificate of Cloud Auditing Knowledge (CCAK)
• GIAC Penetration Tester (GPEN)
• Licensed Penetration Tester (LPT)
• Certified Ethical Hacker (CEH)
• Certified Expert Pen Tester (CEPT)
• PenTest
• OSCP Certificate of Cloud Security Knowledge (CCSK)
• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)

Personal Qualities

• High-level of professionalism, even in the midst of stressful engagements
• Outstanding attention to detail
• Self-motivated and a demonstrated self-starter
• Highly dependable; team player willing to perform any task necessary to help team succeed
• Ability to work on multiple projects concurrently

What do we offer in return?

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits :

Flexible working

Financial & Investment

Employee Stock Purchase Plan

Maternity & Paternity leave

15 Days Paid Vacation 2 Floating Holidays

Competitive Vision, Dental, Health Insurance

Employee Referral Program

Learning & Development

Diversity & Inclusion

So, what’s next?

Last updated : 2024-03-24