Near Shore Cyber
Security Consultant
About Nearshore Cyber
Nearshore Cyber is dedicated to delivering top-tier Security, Risk, and Compliance consulting services. Our commitment to excellence, participation, integrity, and collaboration sets us apart in the industry. We strive to create a dynamic and inclusive environment where innovation and teamwork drive success.
Who We Look For
We are seeking a mid-level Security Consultant with a minimum of 5 years of experience. The ideal candidate is a strong communicator and active listener, skilled at navigating diverse audiences and situations. They are self-aware, adaptable, and able to connect people, data, trends, and experiences. Our consultants are mature, humble, and genuine, consistently going above and beyond for clients and colleagues. They are ethical, trustworthy, and committed to our core values even in challenging situations. A passion for learning and technology is essential, as is the ability to inspire and excite others.
Key Responsibilities
Participate in Cybersecurity, Information Security, Risk, Compliance, and/or Data Privacy Programs or Projects under the guidance of senior consultants
Compliance framework mapping and implementation
Regulatory mapping and implementation
Advisory-side, risk, or regulatory remediation management
Readiness for new laws and regulations
Risk, Compliance, or Information Security risk reporting and monitoring
Creation of roadmaps to mature or advance Risk, Compliance, and Information Security Strategies/Programs/Controls
Design and enablement of cyber controls functions and processes
Change management related to regulatory adoption or compliance changes
Audit or certification readiness
Assist with GRC (Governance, Risk, and Compliance) related tasks and projects
Work with GRC/Cybersecurity solutions, tools, and technologies
Design or mature controls for technical areas such as Software Development, Identity and Access Management, Business Continuity and Resiliency, Cloud
Apply industry-specific regulations, laws, and standards such as SOC 2, ISO 27001, CMMC / NIST 800-171, NIST 800-53, CCPA/CPRA, HIPAA, PCI
Serve as an internal auditor on client audit preparation
Coordinate and advise clients through external audits
Continuously learn from senior consultants to develop expertise and advance within the role
Qualifications
Required
Humble, Hungry, Smart
Demonstrated business and technology acumen
Strong written and verbal communication skills
Experience solving real business problems
Proven track record of delivering results
Experience working with and/or supporting a team
Ability to work across industries, roles, functions, and technologies
English language fluency at C1 or C2 level
Physical presence in Mexico with valid work authorization to work in Mexico
Preferred
Bachelor's degree
5+ years of professional experience
Relevant cybersecurity, systems, or networking certifications: CC (Certified in Cybersecurity), CEH, CCNA, CompTIA Security+, GISF, GSEC, SSCP, ISACA Cybersecurity Fundamentals Certificate
Experience across our service offerings
NIST NICE Definition
NICE Framework Work Roles:
Security Control Assessment (OG-WRL-012)
Conduct security control assessments and audits
Evaluate effectiveness of security controls
Support SOC 2, ISO 27001, CMMC, PCI DSS assessments
Coordinate external audit processes
Document assessment findings and remediation recommendations
Knowledge of NIST 800-53, ISO 27001, compliance frameworks
Skills in security control evaluation and gap analysis
Cybersecurity Policy and Planning (OG-WRL-002)
Develop cybersecurity policies, standards, and procedures
Create strategic roadmaps for security program maturation
Conduct regulatory mapping and gap assessments
Map requirements to compliance frameworks
Facilitate policy development and stakeholder engagement
Knowledge of NIST CSF, ISO 27001, risk management methodologies
Skills in policy development, regulatory mapping, strategic planning
Systems Security Management (OG-WRL-014)
Manage cybersecurity programs and projects
Oversee security control implementation
Develop security metrics and risk reporting
Coordinate security governance activities
Monitor compliance with security policies
Knowledge of GRC tools, security operations, incident response
Skills in program management, security metrics, cross-functional coordination
Privacy Compliance (OG-WRL-008)
Develop and maintain privacy compliance programs
Conduct privacy impact assessments
Ensure compliance with GDPR, CCPA/CPRA, HIPAA
Develop privacy policies and procedures
Coordinate privacy incident response
Knowledge of privacy laws, data protection principles, privacy technologies
Skills in privacy assessments, data mapping, privacy policy development
Systems Authorization (OG-WRL-013)
Support system authorization and accreditation processes
Facilitate Authority to Operate (ATO) processes
Support Risk Management Framework implementation
Review security authorization documentation
Coordinate continuous monitoring programs
Knowledge of NIST SP 800-37, authorization processes
Skills in authorization facilitation, risk documentation, stakeholder coordination
Security Architecture (DD-WRL-001)
Design security architectures and controls
Develop security requirements for technical systems
Design controls for IAM, cloud, software development, business continuity
Evaluate security solutions and technologies
Knowledge of enterprise architecture, cloud security, zero trust
Skills in security architecture design, technical control specification
Key Competency Areas:
Risk Management
Compliance
Governance
Security Program Management
Privacy
Cyber Resiliency