Cybersecurity Assessor
Apollo Information Systems · Killeen-Temple Area · 3 wk ago
RemoteRemoteSalesFull-time
About the role
The Technical Assessor role at Apollo Information Systems involves conducting in-depth technical and program-level cybersecurity assessments of client environments. This role requires direct, hands-on experience assessing environments against recognized frameworks and producing clear, actionable guidance.
Responsibilities
- Independently plan and lead hands-on cybersecurity assessments across enterprise, cloud, and public-sector environments, including election infrastructure at the county, city, and state level.
- Evaluate the design and operating effectiveness of technical controls spanning identity and access management, endpoint protection, patch and vulnerability management, secure configuration, network segmentation, data protection, logging/monitoring, and incident response.
- Review and interpret technical configurations and artifacts, such as firewall rulesets, GPOs, hardening baselines, cloud security configurations, IAM policies, and logging setups, to validate control implementation.
- Conduct stakeholder interviews and documentation reviews to understand policy, process, and control maturity.
- Audit client environments against established frameworks and standards like NIST CSF 2.0, CIS Controls, ISO 27001, CMMC, CJIS, HIPAA, and PCI DSS.
- Produce detailed assessment reports with prioritized risk findings, maturity ratings, and pragmatic, business-aware recommendations, mapping findings to client risk and business context.
- Present findings and recommendations to client stakeholders ranging from technical practitioners to executive leadership.
- Drive continuous improvement of Apollo’s assessment methodologies, workbooks, tooling, and report templates.
- Mentor junior assessors and perform peer review of assessment deliverables.
- Collaborate with consultants, engineers, advisors, and project managers to deliver high-quality engagements.
- Stay current with emerging threats, technologies, and regulatory developments.
Qualifications
- Experience in cybersecurity, with demonstrable experience leading or performing security assessments.
- Direct, hands-on experience assessing environments against one or more recognized frameworks (NIST CSF, CIS Controls, ISO 27001, CMMC, CJIS, HIPAA, or PCI DSS).
- Strong working knowledge of security controls across operating systems, network infrastructure, cloud services, and identity systems.
- Ability to independently review and assess technical configurations and documentation.
- Excellent written communication and the ability to produce client-ready reports, plus the ability to explain technical findings in plain language to non-technical audiences.
- Experience working with clients in a consulting capacity and managing multiple concurrent engagements.
Preferred
- One or more relevant certifications — e.g., Security+, CySA+, CISA, GIAC (e.g., GSEC), or assessor-specific credentials such as CMMC CCP/CCA.
- Hands-on familiarity with Microsoft 365 and Azure (and exposure to AWS or GCP).
- Experience with security tooling — vulnerability scanners, SIEM/EDR platforms, and configuration analyzers.
- Experience supporting public sector clients, election infrastructure, or regulated industries.