CampusGuard Information Security Advisor

CampusGuard, a Nelnet Company, provides information security services for campus-based organizations including higher education institutions, healthcare providers, city, county and state government agencies and hospitality markets. As a full-service information security firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information security & compliance services.CampusGuard, a Nelnet company, provides cybersecurity and compliance services for campus-based organizations including higher education institutions, healthcare providers, state and local government agencies, utilities and hospitality markets. As a full-service firm, we leverage our knowledge combined with the industry standards for compliance and information security issues to provide our customers with world class information cybersecurity & compliance services.The Security Advisor provides information security and compliance consulting services using accepted standards, frameworks, and best practices including but not limited to PCI DSS, NIST SPs 800-53 and 800-171, NIST CSF, and ISO 27001. Security Advisors assess and report on customers compliance with various rules, regulations, and standards such as PCI DSS, CMMC, GDPR, FERPA, HIPAA/HITECH, GLBA, and FACTA Red Flags. The Security Advisor will gather and analyze customer information, make remote and/or physical site visits, conduct interviews, take appropriate notes, perform gap analysis, review evidence and documentation, and complete reports on findings, with remediation recommendations included where necessary. Security Advisors provide ongoing consultation services to customers via recurring and ad-hoc meetings and email communications, and assist with periodic activities with customers, such as tabletop exercises, to ensure continued compliance. The Security Advisor provides sales support in the form of conference attendance, participation in sales calls, collaboration with Customer Relationship Manager (CRM) partners, and other tasks as needed.JOB RESPONSIBILITIES:Security Advisors are responsible for assessing and reporting on customer business and operating environments, network infrastructure, and policy and procedures related to compliance and other relevant industry standards. Responsibilities include, but are not limited to the following:Consult both onsite and remotely with customers to collect, review, and analyze data related to current institutional policies, business practices and procedures, network infrastructure, IT system configurations and physical security as it all relates to multiple compliance requirements.Develop work plans for relevant departments by performing gap analysis of the current environment with specific compliance requirements.Provide in-person or remote training presentations to customer personnel.Review requirements with application and service providers as necessary to achieve information security and compliance objectives.Make recommendations for remediation steps required to achieve information security and compliance objectives.At the conclusion of the assessment, the Security Advisor will assist the customer with the preparation of all required industry-standard reporting obligations.This is a remote work position. Candidate must be able to work in a home office environment with minimal supervision.Ability to travel required (potentially up to 50%). CampusGuard will continue to closely monitor the COVID-19 reported cases by state. Currently, business travel is evaluated on a case-by-case basis.Security Advisors use standardized procedures and methods to assess the security and monitor the on-going compliance of each customer:Perform gap assessments through interviews, physical assessments, and evidence review to evaluate customer networks, infrastructure, and operations as it relates to compliance objectives.Report on findings and assist customers in remediation activities as required.Security Advisors assist with sales and marketing activities:Participate in sales calls as an industry expertAttend conferences as appropriatePrepare and perform industry-related presentations and/or webcastsOther sales/marketing support duties as requestedEDUCATION:Minimum acceptable education requirements: Bachelors degree, and/or 5 years experience in the information security industry (preferably at an institution of higher education)Minimum acceptable certification requirements: Possess industry-recognized audit and information security certification(s) including one or more of the following: Certified Information System Security Professional (CISSP) (preferred), Certified Information Systems Auditor (CISA) (preferred), Certified Information Security Manager (CISM), Certified Internal Auditor (CIA), GIAC Systems and Network Auditor (GSNA).Note: Candidate must agree to prepare for and pass the PCI Qualified Security Assessor (QSA) certification and any other certifications as directed by his or her manager.EXPERIENCE:Minimum acceptable work experience requirements: If a candidate does not satisfy any of the above education criteria or certificates, he or she must have a minimum of five years of relevant information security experience or proof of other recognized security certifications.SKILLS/KNOWLEDGE/ABILITIES:Candidate must be able to travel to customer locations.Candidate must be able to analyze technical/network diagrams and specifications.Candidate must understand systems administration (e.g., Windows and UNIX).Candidate must understand and be able to communicate security parameter implementations in Windows and UNIX systems.Candidate must understand network architecture and administration.Candidate must understand security appliances and their configuration (e.g., firewalls, Intrusion detection systems, etc.).Candidate must be familiar with Web application development and various Web server systems.Candidate must be able to write detailed technical reports and provide analyses that will be read by customer management, including non-technical executives.Candidate must be able to make easily-understood and well-received oral presentations to a wide variety of customer personnel, including departmental personnel, business/finance staff members, IT and Information Security, and PETENCIES:Understanding of Industry-standard and Government-issued information security standards and their applicability, including but not limited to NIST and ISO standards.Understanding of Higher Education, Healthcare, and Government institutions and their structures, operations, and security needs.Understanding of the Payment Card Industry structure (models, stakeholders, data flow).Understanding of payment card data (types of cards, account data, cardholder data and related data elements, authentication technologies, etc.).Understanding of information systems, networks, and related security issues.Understanding of the differences between security breach, data compromise, and fraud.Ability to efficiently write summarized and detailed Findings Reports.Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: LINK (.Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance.Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 or [Click Here to Email Your Resumé] .Nelnet is a Drug Free and Tobacco Free Workplace.

Created: 2025-11-15