State and Local Government Cybersecurity Consultant

State and Local Government Cybersecurity Consultant

Requirements

• Bachelor’s degree AND three to five (3-5) years Cybersecurity related industry experience with at least 2+ years in State & Local Government sector for minimum level.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field paired with an MBA preferred.
• Experience must include either multiple years working in state or local government leading cybersecurity projects OR multiple years supporting state and local government cybersecurity work as a management consultant.
• Demonstrated ability to articulate how leading technologies can be positioned or architected to solve business challenges and problems.
• Demonstrated familiarity and application of leading cybersecurity frameworks, conducting NIST CSF assessments, and implementing NIST or CIS controls.
• Strong project management, communication, including both written and verbal, and critical analysis and problem-solving skills.
• Highly developed organizational and management skills.
• Ability to manage multiple time-sensitive priorities without diminished effectiveness.
• Must be proactive and ready to be highly visible.
• Ability to travel as required.
• The successful candidate must not be subject to employment restrictions from a former employer (such as a non-compete) that would prevent the candidate from performing the job responsibilities as described.
• Due to nature of client engagements, US Citizenship restrictions may apply.
• No sponsorship available for this position.
• Currently reside in the contiguous United States.
• The successful candidate should be located within fifty (50) miles of a Guidehouse office and may be required to work onsite in a Guidehouse Office or Client Office location for a hybrid work schedule.

Responsibilities

• Connect Guidehouse consulting solutions to solve client problems.
• Leverage industry connections to foster client and firm success: establish business development opportunities, communicate well-organized, effective Guidehouse solutions and presentations to client and internal executives.
• Lead and support workstreams that enable the assessment, development, and enhancement of state and local government cybersecurity and related technology integration strategies, operating plans, business processes, organizational structures, and supporting infrastructure.
• Depending on level, this role also involves practice and business development activities including creation of new service solution offerings; mentoring and coaching consulting staff; and collaborating with cybersecurity, compliance, data and analytics, IT enablement and enterprise software leaders.
• Communicating solutions and new strategies to clients through meetings, reports, and presentations.
• Assist in developing and executing cybersecurity strategy and implementing/aligning with established cybersecurity frameworks and aligning with business and regulatory requirements; Serve as a key advisor on cybersecurity policies, governance, and incident response strategies.
• Assist in compliance with federal and state cybersecurity regulations (e.g., NIST, FISMA, NERC CIP, CIS Controls); Lead risk assessments, vulnerability management, and third-party security evaluations; develop and enforce policies and controls to mitigate security risks across state or large local agencies.
• Guide the design and implementation of secure infrastructure, cloud environments, and application security best practices; Evaluate emerging security technologies and frameworks to enhance the state’s security posture.
• Integrate security into DevSecOps and digital transformation initiatives.
• Identify and evaluate potential security threats and vulnerabilities within an organization’s IT or OT infrastructure; Design and implement comprehensive security plans and policies to protect sensitive data and systems.
• Assist in performing regular security assessments and audits to ensure compliance with industry standards and regulations. Establish and enforce security controls to safeguard information systems and mitigate risks.
• Educate employees on best practices for cybersecurity and promote a culture of security awareness.

Preferred Qualifications

• MBA or Master’s degree in cybersecurity, risk management, or related discipline.
• Demonstrated abilities and success with managing the identification and addressing of client needs in the following areas: blend of technology solution development, functional architecture, and program management.
• Demonstrated extensive knowledge and/or a proven record of success in key facets of state and local government, including Education, Housing, Transportation, Criminal Justice, and/or Administration and functional areas. Knowledge and/or success should also include strategic sourcing, shared services, economic development, sustainability, performance management, disaster recovery and/or customer contact centers.
• Enterprise Security Architecture design and implementation experience (specifically Zero Trust).
• Experience conducting baseline assessments, building a future state vision, and developing actionable implementation plans.
• Ability to keep leadership informed of progress and issues, and answering questions and offer direction to staff.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or additional certifications or credentials in related technologies, standards, methodologies, or frameworks (where applicable or available).
• Extensive program management, communication and presentation skills including the ability to liaise with technical and business teams and clearly articulate technology concepts to business audiences, in order to drive projects to completion.
• Preference will be given to candidates who reside a reasonable amount of miles of a Guidehouse office.