Description

About Us:

NYSTEC is a nonprofit technology consulting company, advising agencies, organizations, institutions, and businesses since 1996. We're independent and vendor-neutral, so we have our clients' best interests at heart. At NYSTEC, we know that we succeed when individuals and teams flourish personally and professionally, so our benefits and perks support that mindset.

About the Role:

As a cybersecurity consultant in our Cybersecurity and Data Privacy practice area, you will serve in a client-facing role - responsible for performing security testing and risk assessments and providing expert guidance.

As a NYSTEC consultant, you will collaborate with other security professionals, gain exposure to a wide range of environments, and have the opportunity to continuously sharpen your skills while helping clients solve their toughest cybersecurity challenges.

Key Responsibilities

* Conduct application security testing according to industry standards and using tools such as Burp Suite and WebInspect.

* Perform penetration testing of web applications, networks, and cloud infrastructure across client environments.

* Assess and secure cloud environments (Amazon Web Services [AWS] preferred) through configuration reviews, identity/access controls, and compliance validation.

* Provide advisory services to clients across multiple domains, including:

o Identity and Access Management (IAM).

o National Institute of Standards (NIST)-based security frameworks.

o Vulnerability management programs.

o Threat intelligence and monitoring.

* Prepare and deliver clear reports and presentations that communicate technical findings and recommendations to both technical and non-technical stakeholders.

* Collaborate with colleagues and client teams to implement and validate remediation efforts.

* Stay up to date with the latest vulnerabilities, tools, and security practices, and bring that expertise into client engagements.

About you:

Required Qualifications

Background in web security testing and penetration testing methodologies and reporting.
Familiarity with AWS cloud security practices and controls.
Exposure to IAM, NIST, vulnerability management, and/or threat intelligence.
Excellent communication skills with the ability to translate technical findings into actionable insights.
Client-facing presence, with experience delivering results to both technical and executive-level stakeholders.

Preferred/Desired Qualifications

Relevant certifications (e.g., Offensive Security Certified Professional [OSCP], Certified Ethical Hacker [CEH], AWS Security Specialty, Certified Information Systems Security Professional [CISSP]) are a plus.

Education and Experience

A bachelor's degree and more than three years of related experience in cybersecurity consulting or related technical role. Experience should include hands-on, dynamic, application security testing with tools such as Burp Suite, WebInspect, and AppScan.
An equivalent combination of advanced education, training, and experience will be considered.

The target base salary for this position is $84,497.00 to $109,846.00 per year. When determining compensation, we analyze and carefully consider several factors, including skill set, experience, location, and job-related qualifications.

It is NYSTEC's policy to provide equal employment opportunity (EEO) to all individuals, regardless of actual or perceived race, color, creed, religion, sex, or gender (including pregnancy, childbirth, and related medical conditions), gender identity or gender expression (including transgender status), age, national origin, ancestry, citizenship status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, military service and veteran status, sexual orientation, marital status, or any other characteristic protected by local, state, or federal laws and ordinances. NYSTEC is strongly committed to this policy and believes in the concept and spirit of the law.

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact [email protected] if you require a reasonable accommodation to apply for or to perform this job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.

Learn more about NYSTEC by visiting www.nystec.com.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

Senior Consultant - Cybersecurity Consultant at NYSTEC

Job Description

Description

About Us:

About the Role:

As a cybersecurity consultant in our Cybersecurity and Data Privacy practice area, you will serve in a client-facing role - responsible for performing security testing and risk assessments and providing expert guidance.

As a NYSTEC consultant, you will collaborate with other security professionals, gain exposure to a wide range of environments, and have the opportunity to continuously sharpen your skills while helping clients solve their toughest cybersecurity challenges.

Key Responsibilities

* Conduct application security testing according to industry standards and using tools such as Burp Suite and WebInspect.

* Perform penetration testing of web applications, networks, and cloud infrastructure across client environments.

* Assess and secure cloud environments (Amazon Web Services [AWS] preferred) through configuration reviews, identity/access controls, and compliance validation.

* Provide advisory services to clients across multiple domains, including:

o Identity and Access Management (IAM).

o National Institute of Standards (NIST)-based security frameworks.

o Vulnerability management programs.

o Threat intelligence and monitoring.

* Prepare and deliver clear reports and presentations that communicate technical findings and recommendations to both technical and non-technical stakeholders.

* Collaborate with colleagues and client teams to implement and validate remediation efforts.

* Stay up to date with the latest vulnerabilities, tools, and security practices, and bring that expertise into client engagements.

About you:

Required Qualifications

Background in web security testing and penetration testing methodologies and reporting.

Familiarity with AWS cloud security practices and controls.

Exposure to IAM, NIST, vulnerability management, and/or threat intelligence.

Excellent communication skills with the ability to translate technical findings into actionable insights.

Client-facing presence, with experience delivering results to both technical and executive-level stakeholders.

Preferred/Desired Qualifications

Relevant certifications (e.g., Offensive Security Certified Professional [OSCP], Certified Ethical Hacker [CEH], AWS Security Specialty, Certified Information Systems Security Professional [CISSP]) are a plus.

Education and Experience

A bachelor's degree and more than three years of related experience in cybersecurity consulting or related technical role. Experience should include hands-on, dynamic, application security testing with tools such as Burp Suite, WebInspect, and AppScan.

An equivalent combination of advanced education, training, and experience will be considered.

Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.

Learn more about NYSTEC by visiting www.nystec.com.

Resume Suggestions

Explore More Opportunities