Overview
Cybersecurity / Compliance Specialist (Tier 3). Location: Hybrid (North Carolina). Responsibilities
Cybersecurity Policy & Governance
Develop, maintain, and update enterprise cybersecurity policies, standards, procedures, and guidelines aligned with business operations and modernization initiatives. Establish policies covering cloud security, application security, endpoint protection, identity and access management, and data protection. Translate regulatory requirements and security frameworks into actionable internal controls and operating procedures. Provide leadership with cybersecurity posture assessments, policy impact analysis, and risk insights.
Security Control Implementation & Validation
Implement and manage administrative, technical, and operational security controls across enterprise systems and platforms. Support control implementation within cloud platforms, applications, endpoints, integrations, and identity systems. Perform control testing, validation, and evidence collection to ensure controls are operating effectively. Coordinate remediation activities for identified security gaps, vulnerabilities, and audit findings.
Cloud, Application, and Endpoint Security
Support secure configuration, monitoring, and access control for cloud-hosted environments. Coordinate application security practices, including secure configuration, authentication, authorization, and vulnerability remediation. Support endpoint security controls including device hardening, monitoring, and protection mechanisms. Ensure consistent security baselines and configuration standards across environments.
Identity, Access, and Data Protection
Support identity and access management controls, including role-based access, least-privilege enforcement, and periodic access reviews. Partner with data and IT teams to ensure sensitive data is appropriately classified, protected, and monitored. Ensure encryption, logging, and monitoring controls are applied to systems handling critical business and customer data.
Compliance Coordination (e.g., SOC, CMMC, ISO 27001)
Coordinate cybersecurity compliance efforts across SOC 2, CMMC, ISO 27001, etc., and customer-driven security requirements. Maintain compliance artifacts including policies, control mappings, evidence repositories, risk registers, and audit documentation. Serve as a point of coordination with auditors, assessors, and internal stakeholders during readiness assessments and audits. Track compliance milestones, remediation activities, and control ownership.
Risk Management & Security Operations Support
Conduct security and risk assessments across enterprise systems and business processes. Support incident response activities, including investigation support, root cause analysis, and corrective action tracking. Ensure logging, monitoring, and alerting mechanisms are operational and aligned to enterprise security objectives. Maintain accurate security documentation, system inventories, and data flow diagrams.
Cross-Functional Collaboration
Partner with IT, Engineering, Data, and Operations teams to embed security into modernization initiatives. Provide guidance to support secure adoption of new technologies, platforms, and services. Contribute to cybersecurity awareness and secure-by-design practices across the organization.
Required Qualifications
Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Engineering, or a related field. 4-8+ years of experience in cybersecurity, information assurance, risk management, or security operations. Experience developing cybersecurity policies and implementing security controls. Hands-on experience supporting cloud, application, endpoint, identity, and data security controls. Experience coordinating or supporting SOC 2, CMMC, ISO 27001, or similar compliance initiatives. Ability to communicate security requirements clearly to technical and non-technical stakeholders. Preferred Qualifications
Experience in telecom, distribution, IT services, or technology-enabled environments. Familiarity with modern security frameworks (e.g., Zero Trust, NIST, ISO) and risk-based security approaches. Experience working with cloud platforms (Azure preferred) and SaaS environments. Professional certifications such as Security+, CISSP, CISM, CRISC, or ISO 27001 Lead Implementer (or in progress). Key Performance Indicators (KPIs)
Cybersecurity Posture & Controls
Control Implementation Coverage: ≥ 90% of required security controls implemented and validated across in-scope systems. Reduction in Security Gaps: ≥ 25% year-over-year reduction in identified control deficiencies. Vulnerability Remediation SLA Compliance: ≥ 90% of vulnerabilities remediated within defined timelines.
Policy & Governance
Policy Coverage Rate: ≥ 95% of required cybersecurity policies documented and approved. Policy Review Timeliness: 100% of policies reviewed and updated per governance schedule. Policy Adoption Rate: ≥ 85% adherence across business units.
Compliance & Audit Readiness
Audit Readiness Status: Maintain continuous audit-ready posture for SOC 2, CMMC, and ISO 27001. Audit Findings: Zero repeat high-risk findings across audit cycles. Evidence Acceptance Rate: ≥ 95% of audit evidence accepted without rework.
Operational Effectiveness
Incident Response Support: Timely participation in ≥ 95% of security incidents and exercises. Monitoring Coverage: ≥ 90% of critical systems generating actionable security logs and alerts. Documentation Accuracy: 100% of security controls, processes, and diagrams maintained and current.
Collaboration & Business Enablement
Stakeholder Satisfaction: ≥ 85% satisfaction rating from IT, Engineering, and Operations teams. Security Enablement: Demonstrated support for modernization initiatives without introducing delivery delays.
About NWS
NWS empowers service providers, integrators, contractors, and organizations of all sizes to stay ahead of the curve. Established in 2012 and headquartered in Greensboro, North Carolina, USA, NWS boasts an extensive range of services across three key market segments. Our cable solutions showcase cutting-edge copper, fiber, and hybrid designs. With a proficient team of engineers, manufacturing, and supply chain experts, we can tailor these custom-trunked cable solutions to precise specifications, ensuring our clients benefit from the most reliable and efficient telecom solutions on the market. Join our energetic and vibrant team of skilled professionals and be part of the excitement at NWS. Our employees enjoy a culture that values initiative, teamwork, high values, and integrity. To learn more about us, please visit our website at nwsnext.com. Network Wireless Solutions (NWS) is committed to maintaining a safe, compliant, and professional workplace. As part of our hiring process, all offers of employment are contingent upon the successful completion of a background check and drug screening, where permitted by law. Background checks may include, but are not limited to, verification of employment history, education, criminal records, and other relevant factors in accordance with applicable federal, state, and local laws. Drug screening may be required based on the nature of the position and applicable regulations. NWS complies with all relevant laws regarding drug testing, including any accommodations required under the Americans with Disabilities Act (ADA) or other applicable statutes. A candidate's failure to pass the background check or drug screening may result in the withdrawal of an employment offer. Any falsification or omission of information during the hiring process may also be grounds for disqualification or termination of employment. By submitting an application to NWS, candidates acknowledge and consent to the company's background check and drug screening policies.
#J-18808-Ljbffr
Cybersecurity / Compliance Specialist (Tier 3). Location: Hybrid (North Carolina). Responsibilities
Cybersecurity Policy & Governance
Develop, maintain, and update enterprise cybersecurity policies, standards, procedures, and guidelines aligned with business operations and modernization initiatives. Establish policies covering cloud security, application security, endpoint protection, identity and access management, and data protection. Translate regulatory requirements and security frameworks into actionable internal controls and operating procedures. Provide leadership with cybersecurity posture assessments, policy impact analysis, and risk insights.
Security Control Implementation & Validation
Implement and manage administrative, technical, and operational security controls across enterprise systems and platforms. Support control implementation within cloud platforms, applications, endpoints, integrations, and identity systems. Perform control testing, validation, and evidence collection to ensure controls are operating effectively. Coordinate remediation activities for identified security gaps, vulnerabilities, and audit findings.
Cloud, Application, and Endpoint Security
Support secure configuration, monitoring, and access control for cloud-hosted environments. Coordinate application security practices, including secure configuration, authentication, authorization, and vulnerability remediation. Support endpoint security controls including device hardening, monitoring, and protection mechanisms. Ensure consistent security baselines and configuration standards across environments.
Identity, Access, and Data Protection
Support identity and access management controls, including role-based access, least-privilege enforcement, and periodic access reviews. Partner with data and IT teams to ensure sensitive data is appropriately classified, protected, and monitored. Ensure encryption, logging, and monitoring controls are applied to systems handling critical business and customer data.
Compliance Coordination (e.g., SOC, CMMC, ISO 27001)
Coordinate cybersecurity compliance efforts across SOC 2, CMMC, ISO 27001, etc., and customer-driven security requirements. Maintain compliance artifacts including policies, control mappings, evidence repositories, risk registers, and audit documentation. Serve as a point of coordination with auditors, assessors, and internal stakeholders during readiness assessments and audits. Track compliance milestones, remediation activities, and control ownership.
Risk Management & Security Operations Support
Conduct security and risk assessments across enterprise systems and business processes. Support incident response activities, including investigation support, root cause analysis, and corrective action tracking. Ensure logging, monitoring, and alerting mechanisms are operational and aligned to enterprise security objectives. Maintain accurate security documentation, system inventories, and data flow diagrams.
Cross-Functional Collaboration
Partner with IT, Engineering, Data, and Operations teams to embed security into modernization initiatives. Provide guidance to support secure adoption of new technologies, platforms, and services. Contribute to cybersecurity awareness and secure-by-design practices across the organization.
Required Qualifications
Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Engineering, or a related field. 4-8+ years of experience in cybersecurity, information assurance, risk management, or security operations. Experience developing cybersecurity policies and implementing security controls. Hands-on experience supporting cloud, application, endpoint, identity, and data security controls. Experience coordinating or supporting SOC 2, CMMC, ISO 27001, or similar compliance initiatives. Ability to communicate security requirements clearly to technical and non-technical stakeholders. Preferred Qualifications
Experience in telecom, distribution, IT services, or technology-enabled environments. Familiarity with modern security frameworks (e.g., Zero Trust, NIST, ISO) and risk-based security approaches. Experience working with cloud platforms (Azure preferred) and SaaS environments. Professional certifications such as Security+, CISSP, CISM, CRISC, or ISO 27001 Lead Implementer (or in progress). Key Performance Indicators (KPIs)
Cybersecurity Posture & Controls
Control Implementation Coverage: ≥ 90% of required security controls implemented and validated across in-scope systems. Reduction in Security Gaps: ≥ 25% year-over-year reduction in identified control deficiencies. Vulnerability Remediation SLA Compliance: ≥ 90% of vulnerabilities remediated within defined timelines.
Policy & Governance
Policy Coverage Rate: ≥ 95% of required cybersecurity policies documented and approved. Policy Review Timeliness: 100% of policies reviewed and updated per governance schedule. Policy Adoption Rate: ≥ 85% adherence across business units.
Compliance & Audit Readiness
Audit Readiness Status: Maintain continuous audit-ready posture for SOC 2, CMMC, and ISO 27001. Audit Findings: Zero repeat high-risk findings across audit cycles. Evidence Acceptance Rate: ≥ 95% of audit evidence accepted without rework.
Operational Effectiveness
Incident Response Support: Timely participation in ≥ 95% of security incidents and exercises. Monitoring Coverage: ≥ 90% of critical systems generating actionable security logs and alerts. Documentation Accuracy: 100% of security controls, processes, and diagrams maintained and current.
Collaboration & Business Enablement
Stakeholder Satisfaction: ≥ 85% satisfaction rating from IT, Engineering, and Operations teams. Security Enablement: Demonstrated support for modernization initiatives without introducing delivery delays.
About NWS
NWS empowers service providers, integrators, contractors, and organizations of all sizes to stay ahead of the curve. Established in 2012 and headquartered in Greensboro, North Carolina, USA, NWS boasts an extensive range of services across three key market segments. Our cable solutions showcase cutting-edge copper, fiber, and hybrid designs. With a proficient team of engineers, manufacturing, and supply chain experts, we can tailor these custom-trunked cable solutions to precise specifications, ensuring our clients benefit from the most reliable and efficient telecom solutions on the market. Join our energetic and vibrant team of skilled professionals and be part of the excitement at NWS. Our employees enjoy a culture that values initiative, teamwork, high values, and integrity. To learn more about us, please visit our website at nwsnext.com. Network Wireless Solutions (NWS) is committed to maintaining a safe, compliant, and professional workplace. As part of our hiring process, all offers of employment are contingent upon the successful completion of a background check and drug screening, where permitted by law. Background checks may include, but are not limited to, verification of employment history, education, criminal records, and other relevant factors in accordance with applicable federal, state, and local laws. Drug screening may be required based on the nature of the position and applicable regulations. NWS complies with all relevant laws regarding drug testing, including any accommodations required under the Americans with Disabilities Act (ADA) or other applicable statutes. A candidate's failure to pass the background check or drug screening may result in the withdrawal of an employment offer. Any falsification or omission of information during the hiring process may also be grounds for disqualification or termination of employment. By submitting an application to NWS, candidates acknowledge and consent to the company's background check and drug screening policies.
#J-18808-Ljbffr