Mediabistro logo
job logo

Program Director - penetration

Jobs via Dice, Raleigh, NC, United States

Job Title: Lead Consultant
Location: Raleigh, NC
Interview Type: Webcam Interview or In Person

Overview

Sage Group is seeking an experienced Lead Consultant with strong technical expertise and leadership skills to develop the assessment strategy, manage the technical risk assessment team, and ensure high‑quality execution across all counties. The DHHS Privacy & Security Office is launching a large‑scale cybersecurity initiative involving technical security risk assessments and penetration testing across 100 counties. This initiative covers county IT infrastructure, including servers, desktops, networks, firewalls, user access provisioning, MFA, VPNs, security hardening procedures, vulnerability management, and patch management processes. The consultant will design and conduct technical security assessments, perform penetration testing activities, create standardized methodologies and templates, and manage the assessment team’s assignments and project timelines. The consultant will also communicate complex security topics clearly to business leaders, CMS, and stakeholders.

Responsibilities

  • Design and conduct technical security assessments across county IT environments (servers, desktops, networks, firewalls, IAM, MFA, VPNs, patch management).
  • Perform internal and external penetration testing, identify vulnerabilities, and validate exploits.
  • Develop repeatable assessment methodologies, templates, testing procedures, and reporting formats for use across 100 counties.
  • Manage and coordinate assessment team workloads, assignments, schedules, and deliverables.
  • Create and maintain project plans, timelines, and progress reports.
  • Familiarity with NIST, CIS Controls, ISO 27001, and related frameworks.
  • Provide clear, non‑technical communication of security topics to business leaders, CMS, and stakeholders.

Qualifications / Experience

  • Experience in cybersecurity risk assessments and penetration testing.
  • Lead and perform technical security risk assessments on county IT environments (servers, desktops, networks, firewalls, IAM, MFA, VPNs, patching procedures).
  • Conduct internal/external penetration testing, vulnerability identification, and exploit validation.
  • Develop a repeatable assessment methodology with templates and reporting formats for scale across multiple counties.
  • Manage and coordinate assessment team workloads, assignments, schedules, and deliverables.
  • Project planning: create and maintain project plans, timelines, and progress reports.
  • Familiarity with NIST, CIS Controls, ISO 27001, and related frameworks.

Note: This description retains the original role scope and responsibilities while removing extraneous promotional material. It does not include non‑job content such as personal contact details or recruiter signatures.

#J-18808-Ljbffr