Cybersecurity Risk Assessment & Penetration Testing
Sunrise Systems, Raleigh, NC, United States
Job Title: Lead Consultant - Cybersecurity Risk Assessment & Penetration Testing
Job ID: 26-00420
Location: Raleigh, NC
Duration: 12 months of contract
Job Description:
Seeking an experienced Lead Consultant to lead large-scale cybersecurity risk assessments and penetration testing across 100 counties for the DHHS Privacy & Security Office. The role involves designing assessment strategies, performing technical security assessments, leading penetration testing efforts, developing standardized methodologies, and managing assessment teams to ensure consistent, high-quality execution. The consultant will also communicate complex security findings clearly to business leaders and stakeholders.
Key Responsibilities: Lead and perform technical security risk assessments across county IT environments (servers, networks, firewalls, IAM, MFA, VPN, patching). Conduct internal and external penetration testing, vulnerability identification, and exploit validation. Develop repeatable assessment methodologies, templates, and reporting standards. Manage assessment team assignments, schedules, and deliverables. Create and track project plans, timelines, and status reports. Align assessments with NIST, CIS Controls, ISO 27001 frameworks. Required Skills & Experience:
7+ years in cybersecurity risk assessments and penetration testing. 5+ years assessing enterprise IT infrastructure and security controls. 7+ years managing security assessment teams and projects. 3+ years working with NIST, CIS, ISO 27001 frameworks.
Contact: Raghu: Raghu.m@sunrisesys.com | URL: www.sunrisesys.com
Job Description:
Seeking an experienced Lead Consultant to lead large-scale cybersecurity risk assessments and penetration testing across 100 counties for the DHHS Privacy & Security Office. The role involves designing assessment strategies, performing technical security assessments, leading penetration testing efforts, developing standardized methodologies, and managing assessment teams to ensure consistent, high-quality execution. The consultant will also communicate complex security findings clearly to business leaders and stakeholders.
Key Responsibilities: Lead and perform technical security risk assessments across county IT environments (servers, networks, firewalls, IAM, MFA, VPN, patching). Conduct internal and external penetration testing, vulnerability identification, and exploit validation. Develop repeatable assessment methodologies, templates, and reporting standards. Manage assessment team assignments, schedules, and deliverables. Create and track project plans, timelines, and status reports. Align assessments with NIST, CIS Controls, ISO 27001 frameworks. Required Skills & Experience:
7+ years in cybersecurity risk assessments and penetration testing. 5+ years assessing enterprise IT infrastructure and security controls. 7+ years managing security assessment teams and projects. 3+ years working with NIST, CIS, ISO 27001 frameworks.
Contact: Raghu: Raghu.m@sunrisesys.com | URL: www.sunrisesys.com