Consultant: Security and Compliance
Location: Remote
Compensation: $80/Hour
Hours: 20 a week
What You'll Do: As a Consultant at Amomitto Security, you will be a key driver in our client engagements, executing specific tasks and managing assigned workstreams across both technical security and strategic compliance. This role is perfect for a practitioner looking to deepen their hands-on skills and grow their consulting experience.
You Will:
Implement and Configure Security Tooling: Independently deploy and manage security tools for clients, such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), and Cloud Security Posture Management (CSPM).
Conduct Foundational Security Assessments: Execute technical assessments with a defined scope, such as vulnerability scans, cloud configuration reviews, and basic penetration tests. You will be responsible for analyzing data and alerts to identify potential threats.
Execute on Compliance Engagements: Gather and review evidence for specific controls within common frameworks like SOC 2, ISO 27001, and HIPAA. You will conduct interviews with client-side control owners to document processes and perform controls testing to validate effectiveness.
Develop Client-Facing Documentation: Author clear technical documentation like standard operating procedures (SOPs) and configuration guides. You will also draft corporate policies and procedures based on Amomitto's templates and best practices.
Manage Security Questionnaires: Oversee the end-to-end completion of client security questionnaires by coordinating with subject matter experts (SMEs), ensuring the quality of submissions, and contributing to the client's knowledge base.
What We're Looking For:
1-3 years of professional experience in a cybersecurity or compliance-focused role.
A high desire to learn and a willingness to tackle any task.
Demonstrable hands-on experience in at least one core domain, either:
Technical Security: Cloud Security (AWS or GCP), Corporate/IT/Endpoint Security, or Application Security.
GRC/Compliance: Experience with the process of evidence collection and review for at least one common compliance framework (e.g., SOC 2, ISO 27001, HIPAA).
Strong problem-solving skills, with the ability to troubleshoot technical issues or identify gaps in evidence with moderate supervision.
Excellent communication skills, with the ability to clearly articulate technical or compliance concepts to different audiences, both verbally and in writing.
A high degree of ownership and professionalism; you take responsibility for the quality and timeliness of your work.
What We Offer:
A competitive hourly rate and future profit sharing.
A clear path for growth, with opportunities to learn from senior consultants and take on more complex challenges.
Direct mentorship from subject matter experts across the entire company.
A flexible, remote-first culture that values your work-life balance.
Note: This is a subcontracting position, and we are a small company. We cannot provide health insurance, PTO, or a 401k match, but we are developing a profit-sharing program that you will be part of. We are also happy to help the right candidate set up an LLC, learn how self-employment taxes work, etc.
If you would like to apply for this position, please send an introduction and resume to careers@amomitto.com