MSSP Cybersecurity Advisor

At C3, we are pioneers in managed security services and incident response. We're committed to helping organizations make better decisions, reduce risk, and build resilient operations.

We work with organizations that range from growing businesses to highly regulated environments. Many of them know security matters, but they need trusted advisors who can translate complex frameworks and technical risks into practical, actionable guidance.

That is where our Cybersecurity Advisors come in.

If you have experience with diverse cybersecurity frameworks and enjoy solving complex security problems, building strong client relationships, and helping organizations mature their security programs, this role may be a great fit.

Cybersecurity Advisor

C3 is looking for a Cybersecurity Advisor who is self-motivated and comfortable working both independently and as part of a collaborative consulting team.

In this role, you will act as a trusted cybersecurity subject matter expert (SME) helping clients understand their risk posture and implement meaningful improvements to their security programs. You will work directly with client leadership, technical teams, and compliance stakeholders to assess environments, identify gaps, and design practical security strategies.

Some days may involve reviewing security policies or conducting risk assessments. Other days may involve advising executives on security strategy, leading tabletop exercises, or helping organizations prepare for compliance audits.

The common thread is simple: helping clients make smart security decisions.

The Cybersecurity Advisor should be familiar with Federal laws, NIST information security concepts and frameworks, and common industry standards such as SOC 2, CIS, ISO 27001, COSO, PCI-DSS, HIPAA, and COBIT.

What You'll Do

Perform Risk Assessments (utilizing well-known frameworks such as NIST CSF, NIST RMF, CIS RAM, ISO27001)

Provide Security Control Implementation (NIST 800-53, NIST 800-171, CIS 18, PCI-DSS, HIPAA)

Perform Gap Analyses (based on compliance frameworks such as AICPA SOC 2, HIPAA, PCI-DSS, FFIEC)

Develop Simulated Phishing Testing Campaigns

Develop and Implement Security Awareness Training Programs

Act as Virtual Chief Information Security Officer to Clients

Perform Business Impact Analyses (BIA)

Facilitate Incident Response & Business Continuity Tabletop Exercises

Review, Develop, and Implement Cybersecurity Risk Management Programs

Review, Develop, and Implement Vendor/Third Party Risk Management Programs

Review & Develop Policies (Information Security, Business Continuity, Disaster

Recovery, Incident Response, Vulnerability Lifecycle Management, Physical Security, etc.)

Communicate Assessment Results with Management and Executives

Analyze Conditions and Offer Recommendations on Best Practice

Establish and Maintain Strong Client Relationships

Assist with further developing our next generation service offerings and the infrastructure required to facilitate these offerings (proposals, client-facing materials, work programs, templates)

What You'll Bring

Minimum of 5+ years working in Cybersecurity roles such as Consulting, Auditing, and Project Management

CISSP, CISA, CGRC, GSE, or CISM Certification

Bachelor’s Degree in Business, Accounting, Cybersecurity, Information Technology, Computer Science, Computer Information Systems, or a related discipline

Understanding in the areas of Information Assurance, Risk Management, Information Security, IT Audits, Compliance, Internal Control Frameworks, and Risk Assessments

Demonstrated ability to prioritize while simultaneously managing multiple projects, often under tight deadlines

Business-fluent written and spoken English language skills

Excellent written and verbal communications skills

Proven commitment to providing exceptional client service

Effective time management and organizational skills

Team player with strong interpersonal communication

Self-starter with a strong work ethic

Able to perform work which requires attention to detail, analytical ability, and organization

Skilled at using Microsoft Excel, Word, PowerPoint, etc.

Strong attention to detail

This a remote US-based position with minimal travel.

What You'll Get

To be a part of one of the fastest-growing companies in America, and a talented team to back you up.

An awesome culture, backed up by winning several Best Places to Work awards.

Medical, Dental, Vision Insurance

Four Weeks of Paid Time Off (vacation & sick leave)

Four weeks of Paid Maternity and Paternity leave

Two days of Paid Volunteer Time

401(k) with 4% Company Match

Company Bonus Structure

Tuition Reimbursement

Employer-sponsored Disability & Life Insurance

Professional Development

C3's Core Values:

Team Human: Respecting all humans is a critical part of who we are at C3. We practice integrity in all interactions, we empathize with others, we create a supportive work environment, and we support the communities in which we live and operate.

Security First: At the cornerstone of our business, we prioritize security above convenience, cost or efficiency. A “security-first” approach means we practice what we preach and we lead by example for our clients.

Be an Advocate: We are passionate in our advocacy for our customer’s success and a path to the best solution for their business. We embrace feedback, put ourselves in your shoes and advocate for your interests as our own.

Embrace Change: More than a core value, at C3 it's a practical necessity in an industry that never stands still. As a new entity born from the merger of two top-ranked CMMC-focused IT services companies, we're keenly aware that our success hinges on our ability to adapt—whether that means integrating new platforms, refining processes, or keeping pace with changing CMMC guidelines.

Resilience: Our ability to withstand adversity and accomplish objectives while maintaining professionalism and discipline is critical to successful crisis management and risk avoidance.