Junior Consultant working on Cyber Security standards and customer advisory at MKS4U IT - Beratungs GmbH. Engaging in security assessments and developing long - term security strategies.
About the role
- Cyber Security SME ensuring the security and compliance of enterprise cloud applications. Collaborating across teams to achieve and maintain security authorization requirements.
Responsibilities
- Lead and coordinate efforts to obtain and maintain ATO/ATC for production systems, ensuring compliance with applicable security frameworks.
- Partner with Development, Cloud, and DevSecOps teams to integrate security throughout the SDLC and CI/CD pipelines, ensuring secure-by-design implementations.
- Review and contribute to system architectures, data flows, and Concept of Operations (CONOPS) documents to ensure alignment with Zero Trust principles and organizational security policies.
- Support and track the remediation of vulnerabilities and deficiencies identified through scans, assessments, and audits; create and manage Plans of Action & Milestones (POA&Ms) as required.
- Develop and maintain enterprise cybersecurity standards, guidelines, and best practices to ensure consistent implementation of security controls across all program systems.
- Support ongoing assessment and authorization (A&A) activities, including risk assessments, configuration management, and continuous monitoring reporting.
- Guide teams in applying Zero Trust Architecture (ZTA) principles—identity-centric access control, micro-segmentation, least privilege, and continuous validation—to all system designs and processes.
Requirements
- 5+ years of progressive experience in cybersecurity, with at least 3 years supporting federal ATO/ATC processes.
- In-depth knowledge of NIST RMF, FedRAMP, and Zero Trust Architecture frameworks.
- Experience collaborating with ISSOs, ISSMs, SCAs, and engineering teams.
- Familiarity with AWS cloud environments and DevSecOps pipelines.
- Strong technical understanding of network security, IAM, encryption, and vulnerability management.
- Excellent communication and coordination skills.
- Preferred Qualifications: CISSP, CISM, CAP, or equivalent cybersecurity certification.
- Experience with containerized applications, infrastructure as code (IaC), and continuous compliance tools.
Benefits
- Ability to Obtain a Public Trust clearance
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
IT - Security Consultant at Institut für Datenschutz und Datensicherheit guiding IT compliance and security strategies. Engage with clients to enhance IT security practices across Germany.
Business Development Representative creating and managing lead generation pipelines for cybersecurity solutions. Engaging with enterprise clients in Switzerland and Germany in a hybrid work model.
Information Security Officer responsible for developing and implementing security strategies at an IT service provider for the food and beverage industry. Engaging with teams and management on cyber risks and compliance.
Information Security Manager leading CISOaaS or GRC consultants for NVISO in Germany. Enhancing clients’ cybersecurity posture and driving strategic security initiatives.
Técnico de Segurança do Trabalho JR assisting with safety documentation and training for field activities at Arcadis. Focused on sustainable solutions in engineering and consulting.
Senior Security Engineer managing the vulnerability management program and collaborating with engineering teams at Causaly. Focused on cloud security and secure coding practices.
Infra Security Engineer focusing on endpoint security solutions in South Korea's urban mobility services. Collaborating on security architecture and threat detection initiatives.
Compliance Specialist managing documentation and policies for Orro's Information Security Management System. Supporting essential compliance activities across ISO 27001 and IRAP with strong attention to detail.
Senior Cyber Security Consultant supporting client cybersecurity development initiatives. Job focuses on administrative and technical aspects of cybersecurity within a collaborative consulting team setting.