Careers

CampusGuard is a rapidly growing company, and we are seeking associates for two immediate openings and looking ahead with professionals who would match their skills with future openings.
 

Security Advisor - Remote
 

CampusGuard provides information security services for our customers. The company focuses on the needs of campus-based organizations including higher education institutions, healthcare providers, city, county and state government agencies and hospitality markets. As a full-service information security firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information security & compliance services. The Security Advisor is responsible for assessing a customer business and operating environment to evaluate and assess status for compliance with various rules and laws such as PCI DSS, FERPA, HIPAA/HITECH, GLBA, Red Flags, as well as provide information security consulting services utilizing various industry accepted standards including but not limited to NIST SP 800-171, SP 800-30 and ISO 27001.The Advisor will gather and analyze customer information, make site visits, perform gap analysis and make remediation recommendations where necessary. Advisors complete reports on findings, consult with customers in an ongoing basis and will perform periodic activities with customers to ensure continued compliance as well as provide sales support as needed.

 

JOB RESPONSIBILITIES:
Security Advisors are responsible for assessing and reporting client business and operating environments, network infrastructure and policy and procedures related to compliance and other relevant industry standards. Responsibilities include, but are not limited to the following: 
1.    Consult both on and offsite with customers to collect, review, and analyze data related to current institutional policies, business practices and procedures, network infrastructure, IT system configurations and physical security as it all relates to multiple compliance requirements. 
2.    Develop work plans for all affected campus departments by performing gap analysis of the current environment with specific compliance requirements. 
3.    Review requirements with application and service providers as necessary to achieve compliance. 
4.    Make recommendations for remediation steps required to achieve compliance. 
5.    At the conclusion of the assessment, the Security Advisor will assist the customer with the preparation of all required industry-standard reporting obligations (e.g. a PCI DSS Attestation of Compliance, etc.). 
6.    Be able to work in a home office environment with minimal supervision 
7.    Ability to travel required (50%). 


Security Advisors use standardized procedures and methods to assess the security and monitor the on-going compliance of each customer: 
1.    Perform gap assessments through interviews and physical assessments to evaluate customer networks, infrastructure and operations as it relates to compliance objectives. 
2.    Report on findings and assist customers in remediation activities as required. 


Security Advisors assist with sales and marketing activities: 
1.    Participate in sales calls as an industry expert
2.    Attend conferences as appropriate
3.    Prepare and perform industry-related presentations and/or webcasts 
4.    Other sales/marketing support duties as requested 

 

Note: Candidate must agree to prepare for and pass the PCI Qualified Security Assessor (QSA) certification and any other certifications as directed by his or her manager.

 

EXPERIENCE: 
Minimum acceptable work experience requirements: If a candidate does not satisfy any of the above education criteria or certificates, he or she must have a minimum of five years of relevant information security experience or proof of other recognized security certifications. 


SKILLS/KNOWLEDGE/ABILITIES:
1.    Candidate must be able to travel to customer locations. 
2.    Candidate must be able to analyze technical/network diagrams and specifications. 
3.    Candidate must be highly skilled in system administration for Windows, UNIX and network administration. 
4.    Candidate must understand and be able to communicate security parameter implementations in Windows and UNIX systems. 
5.    Candidate must have experience in network architecture development. 
6.    Candidate must have experience in configuring security appliances (e.g. firewalls, Intrusion detection systems, etc.).
7.    Candidate must be familiar with Web application development and various Web server systems. 
8.    Candidate must be able to write technical reports and provide analyses that will be read by customer management. 
9.    Candidate must be able to make easily-understood and well-received oral presentations to customer personnel. 


COMPETENCIES:
1.    Understanding of Industry-standard and Government-issued information security standards and their applicability, including but not limited to NIST and ISO standards.
2.    Understanding of Higher Education, Healthcare, and Government institutions and their structures, operations and security needs. 
3.    Understanding of the Payment Card Industry Structure (models, stakeholders, data flow).
4.    Understanding of payment card data (types of cards, data elements, authentication technologies, etc.). 
5.    Understanding of information systems, networks and related security issues. 
6.    Understanding of the differences between security breach, data compromise, and fraud.
7.    Ability to efficiently write summarized and detailed Findings Reports.

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: LINK.

Nelnet, the parent company of CampusGuard, is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance.  Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Nelnet Corporate Recruiting. 

 

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 or corporaterecruiting@nelnet.net.

 

Nelnet is a Drug Free and Tobacco Free Workplace


Penetration Tester / Ethical Hacker - Remote
 

CampusGuard provides information security services for our customers. We serve campus-based markets including education, healthcare, hospitality, and state and local government. The Offensive Security team assists customers with protecting personally identifiable information as described by various industries and regulatory agencies through a detailed analysis of systems, infrastructure, personnel procedures and physical security. As a full-service information security firm, we leverage our knowledge combined with the industry standards to provide our customers with world class information security & compliance services.

The Penetration Tester/Ethical Hacker is responsible for assessing a customer’s business and operating environment risk and infrastructure vulnerability posture. This position requires a wide range of knowledge of network infrastructures, operating systems hardware platforms, networking systems and the security vulnerabilities within each category. The qualified individual in this position will evaluate customer networks to discover and exploit security flaws and vulnerabilities with attack simulations on multiple platforms working against a specific customer-focused scope of work. This position requires a highly technical skill level to assess the risks and vulnerabilities of a customer’s network while being able to articulate the issues to a non-IT professional audience. Excellent communication skills, both oral and written are required to provide the reporting information to the customer after the tests are completed. When not performing the specific Scanning and Penetration Testing / Ethical Hacking functions, the individual in this position may provide support to the Security Advisors with other security assessments and gap analysis functions.


PRINCIPAL RESPONSIBILITIES:
Responsible for scanning and performing in depth penetration testing and reporting of customer business and operating environments and network infrastructure related to compliance and other relevant industry standards. Activities include, but are not limited to the following:


1.    Understand the Scope of Work for each customer agreement and perform the duties and tasks required by those agreements in an organized, professional manner.
2.    Perform vulnerability assessments and penetration testing, utilizing commercial and open source tools.
3.    Conduct web application penetration testing in line with Open Web Application Security Project.
4.    Exploit security flaws and vulnerabilities with attack simulations on multiple projects working against specific customer systems and networks in accordance with an agreed scope of work.
5.    Effectively provide technical risk assessment of technologies in networks, applications, systems, wireless, and perform social engineering.
6.    Review and analyze security vulnerability data to identify applicability and false positives.
7.    Ability to solve complex technical problems and articulate to non-IT personnel.
8.    Document all processes and procedures in accordance with CampusGuard standards.
9.    Report on findings and advise customers in remediation activities as required.
10.    Research and develop testing tools, techniques, and process improvements.
11.    When time allows, provide support to the Security Advisors with security assessments and gap analysis of system infrastructures in alignment with the PCI DSS, HIPAA and other well-known information security requirements.


Assist with sales and marketing activities:
1.    Participate in sales calls as an industry expert
2.    Attend conferences as appropriate
3.    Prepare and perform industry-related presentations and/or webcasts 
4.    Other sales/marketing support duties as requested 

 

EDUCATION AND EXPERIENCE REQUIREMENTS:
The Penetration Tester/Ethical Hacker must have sufficient information security knowledge and experience to conduct technically complex security assessments.

•    Minimum acceptable education requirements: Bachelor’s degree in Computer Science, Cyber Security or the equivalent, and/or 5 years’ experience in the information security industry 
•    Minimum acceptable certification requirements: Possess industry-recognized security certification(s) including one or more of the following: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Offensive Security Web Expert (OSWE), Certified Ethical Hacker (CEH)
•    Note: Candidate must agree to prepare for and pass the PCI Professional (PCIP) certification and any other certifications as directed by his or her manager.
•    Minimum acceptable work experience requirements:  If a candidate does not satisfy any of the above education criteria or certificates, he or she must have a minimum of five years of relevant information security experience or proof of other recognized security certifications.

KEY SKILLS, QUALIFICATIONS AND TRAITS:
•    Offensive Security Web Expert (OSWE), Offensive Security Certified Expert (OSCE), or Offensive Security Certified Professional (OSCP) highly preferred.
•    Strong understanding of various web technologies and testing methodologies
•    Experience with penetration testing of cloud hosted environments is a plus.
•    Actively participating in the larger InfoSec community is a plus (industry presentations, having developed tools, participating in capture the flag (CTF) events, mentoring/educating, bug bounty hunting)
•    Demonstrates an ability to methodically analyze problems, identify solutions, and communicate to a non-technical audience.
•    Exhibits good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations.
•    Adequately explains, presents, demonstrates [when applicable] and documents the operational impact of a particular vulnerability/exploit. Advise customers in remediation tasks for discovered vulnerabilities.
•    Self-motivated and able to work both independently and with a team.
•    Willing to travel up to 25% of the time.

COMPETENCIES:
(C=Core Competencies; F=Functional)
•    C- Understanding of Higher Education, Healthcare, and Government institutions and their structure.
•    C- Understanding of information processing networks and related security issues.
•    C- Understanding of Industry standard information security standards and their applicability.
•    C- Understanding of system infrastructures, vulnerabilities, exploits and remediation tasks.
•    F- Ability to flow from black box to gray box to white box testing methodologies dependent on customer needs
•    F- Understanding of well-known security standards e.g., PCI DSS, NIST 800-53, ISO/IEC 27000-series, etc.
•    F- Understanding of Health Information security standards e.g., HIPAA, HITECH.
•    F- Understanding of differences between security breach, data compromise, and fraud
•    F- Understanding of campus type environments, structures, operations, and security needs

 

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: LINK.

 

Nelnet, the parent company of CampusGuard, is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance.  Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Nelnet Corporate Recruiting. 

 

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 or corporaterecruiting@nelnet.net.

 

Nelnet is a Drug Free and Tobacco Free Workplace.

 

CampusGuard_white.png
Want more information? Contact us.

4740 North Cumberland Avenue, Suite 365

Chicago, Illinois 60656

info@campusguard.com
Fax: 847.696.0564

  • White LinkedIn Icon
  • White Twitter Icon

Copyright © 2021 CampusGuard           Privacy Policy         Terms of Use