CrawlJobs Logo
Microsoft Corporation Logo Microsoft Corporation · IT - Administration

Senior Industrial Security Consultant

United States, Reston Employment contract 96500.00 - 188400.00 USD / Year · Job Posted May 14, 2026
Apply Position
Job Link Share

Job Description

We are seeking an experienced Sr Industrial Security Specialist/COMSEC Officer to join our National Security Team in Reston, VA. If you have expertise in managing National Industrial Security Programs in accordance with CFR 32 Part 117, and a working knowledge of Intelligence Community guidelines, we encourage you to apply for this exciting opportunity. Microsoft’s mission is to empower every person and organization on the planet to achieve more. Our culture is built around a growth mindset that inspires excellence, fosters innovation, and encourages individuals and teams to bring their best every day. By embracing this mindset, we make customer-first decisions that lead to life-changing innovations impacting billions worldwide. We live our values of respect, integrity, and accountability, fostering a culture of inclusion where every individual can thrive—both at work and beyond. You can be part of this transformative journey. As a proud Defense Industrial Base (DIB) and Cloud Service Provider (CSP), Microsoft plays a vital role in serving the federal government. Protecting our nation’s security and preserving national interests are vital to the safety and prosperity of the United States, and in this role, you’ll be part of ensuring that critical functions operate effectively and securely. If you have demonstrated leadership in supporting the Department of Defense and the Intelligence Community, we invite you to apply for a key role in our National Security Team (NST). NST is responsible for overseeing the company’s industrial security program, enabling all U.S. Federal Government work.

Job Responsibility

  • Self-Motivation & Problem-Solving: Demonstrate ability to solve complex problems independently and proactively
  • Time Management & Independence: Effectively manage time, prioritize tasks, and work independently to meet deadlines
  • Decision Making: Make informed decisions that enhance the security program and foster strong relationships with internal and external stakeholders
  • Attention to Detail: Maintain a high standard of organization, punctuality, and attention to detail in all tasks
  • Core Values: Exhibit integrity, flexibility, adaptability, and a growth mindset in all aspects of the role
  • Collaboration: Work closely with internal teams such as Insider Threat & Counterintelligence, Personnel Security, Information Systems Security, and Legal
  • Regulatory Compliance: Engage with Government Security authorities to ensure compliance with regulations and directives, including CFR 32 Part 117, ICDs, DoDM 5105.21, and DoDM 5205.07
  • Training: Conduct Security Education and Training (SETA) sessions
  • Customer Engagement: Serve as a liaison between internal and external customers or government officials in the performance of security duties
  • Accreditation: Maintain ICD705 accreditations in accordance with the guidelines set by the Cognizant Security Agency
  • Security Violations: Investigate security violations, report findings, and submit required documentation
  • Business Relationships: Develop and maintain business relationships across the organization
  • Physical Security: Ensure secure work area (SWA) physical security, including visitor control, access control, and entry/exit inspections
  • Standard Operating Procedures: Prepare and annually update SOPs/EAPs for DoD and IC customers
  • Compliance Program Development: Design and maintain a compliant security program in line with 32 CFR Part 117 and IC directives
  • Regulatory Rulings: Obtain rulings, interpretations, and deviations for compliance with regulations from relevant government agencies
  • Business Impact Projects: Lead NST-driven initiatives that advance national security and drive strategic business outcomes
  • Audit Participation: Actively engage in Government security audits and maintain records of audit results

Requirements

  • 4+ years experience in security program or program management or related field OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Verification of U.S. citizenship

Nice to have

  • Regulatory Knowledge including Intelligence Community Directives (ICD), NISPOM (32 CFR Part 117), and DoD Directives
  • Experience with analysis and evaluation of both hardware and software in support of Intelligence Community (IC), Department of Defense, and other Federal Government Agencies
  • Proficient in using government security systems including Defense Information System for Security (DISS), National Background Investigation Services (NBIS), and Scattered Castles
  • Experience applying security risk assessment methodology to system development
  • Understanding and experience with government COMSEC requirements and protocols
  • Proven experience working with senior government officials and corporate executives
  • Passionate and aligned with the company's culture and values
  • Develop, create, implement, and support physical and operations security (OpSec) policies
  • Experience or knowledge of secure area construction in accordance with ICD 705 requirements
  • Bachelor's degree and 8+ years of experience in security, security program management, or equivalent experience
  • Active U.S. Government Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility and FSP polygraph (or equivalent)
  • Extensive experience with industrial security policies, including ICDs, NISPOM (32 CFR Part 117), and DoD Directives
Microsoft Corporation - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Industrial Security Consultant

8 matching positions

Senior Associate Security Consultant OT Security

The Senior Associate Security Consultant is responsible for developing expertise...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field
  • Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential
  • Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment
  • Moderate level of experience with security architecture design principles
  • Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others
  • Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others
  • Strong interest in cybersecurity and a desire to learn and grow in the field
  • Knowledge of basic cybersecurity concepts, principles, and best practices
  • Familiarity with common security tools and technologies is a plus
  • Excellent analytical and problem-solving skills
Job Responsibility
Job Responsibility
  • Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems
  • Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies
  • Prepares and maintains documentation, including security assessment reports, findings, and recommendations
  • Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies
  • Learns and uses various security tools and technologies for assessments and monitoring
  • Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices
  • Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements
  • Communicates effectively with clients to understand their security needs and concerns
  • Participates in training programs and certifications to develop expertise in cybersecurity
  • Fulltime
Read More
Arrow Right

Senior Security Consultant, Emergent Threat & Exploit Researcher

Do you enjoy attacking networks? Do you enjoy sifting through large amounts of a...
Location
Location
United Kingdom
Salary
Salary:
Not provided
rapid7.com Logo
Rapid7
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in an active technical security role & 4+ years Penetration Testing Consulting experience
  • Expert knowledge of Modern penetration testing tools and methods
  • Expert knowledge of Network and web-based application security concepts
  • Expert knowledge of Windows/Linux/UNIX internals
  • Expert knowledge of Exploit research and development
  • Experience using multiple interpreted languages (Ruby, Python, PHP, etc.) and compiled languages (Java, C, C++, Assembly, etc.)
  • Technical competencies, including previous technical consulting experience
  • High quality report writing and peer reviewing
  • Strong knowledge of common regulatory structures and obligations and common I.T. governance
  • The ability to effectively lead teams of penetration testers while on engagements
Job Responsibility
Job Responsibility
  • Deliver Rapid7’s Vector Command Continuous Red Teaming service
  • Investigate emerging threats, uncover novel vulnerabilities across large external attack surfaces, and attempt to breach customer perimeter defenses to gain initial access
  • When new N-day or zero-day vulnerabilities emerge, rapidly analyze them, recreate proof-of-concepts, and assess customer environments for exposure
  • Actively hunt for novel vulnerabilities and unique attack paths across customer attack surfaces to support initial access operations
  • Evaluate large external attack surfaces to identify vulnerabilities that enable initial access
  • Collaborate closely with a team of Red Team operators, participating in daily meetings to establish attack objectives and operational direction
  • Analyze, develop, and exploit N-day and newly released zero-day vulnerabilities relevant to customer environments
  • Identify novel attacks through black-box evaluation of customer web applications, leading to initial access or exposure of sensitive data
  • Develop and maintain positive relationships with clients and understand their business and needs
  • Participate in industry conferences and professional organizations
Read More
Arrow Right

Senior Security Consultant

We have an exciting opportunity for a Senior Security Consultant to join our gro...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards
  • Experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experience applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Relevant academic or professional qualifications, such as, an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Hold, or are actively working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances
  • Flexibility to work from home, FSP office locations or at times visit client sites
Job Responsibility
Job Responsibility
  • Lead cyber governance, risk and compliance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes
  • Engage with clients to understand their threat landscape and business context, conducting risk and compliance assessments against recognised frameworks (e.g. ISO 27001, NIST, SOC 2)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Plus the excellent benefits package we offer at FSP
  • Fulltime
Read More
Arrow Right

Senior Security Consultant - Public Sector

The Security Consultant - Public Sector role at NTT DATA involves providing secu...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years’ experience working with Public Sector clients, preferably in the Health, Central Government or Public Safety domains
  • Minimum of 5 years’ security consulting experience in a multi-tiered IT enterprise environment / Governance, Risk and Compliance role
  • Minimum of 5 years’ experience in a Governance, Risk and Compliance role
  • A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes
  • Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines
  • Experience identifying sales opportunities and supporting Public Sector RFP / RFI / tender responses
  • Good knowledge of networking (switching, routing, firewalls)
  • Experience with the design concepts associated with adoption of Cloud platforms (AWS and/or Microsoft Azure)
  • An understanding of the native security capabilities and good practice within Cloud platforms (AWS and/or Microsoft Azure)
  • In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence
Job Responsibility
Job Responsibility
  • Ensure solutions are designed, delivered and operated securely
  • Contribute to business growth by identifying and shaping opportunities
  • Provide security leadership and guidance throughout the project lifecycle (from design to implementation and handover), and managed services (IT support and maintenance)
  • Embed security by design and ensure solutions meet compliance, regulatory and client-specific security requirements
  • Review and assess solution architectures and live systems from a security perspective, to identify and mitigate security risks
  • Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify/evidence appropriate compliance and security KPIs
  • Be a trusted advisor to senior clients on security topics
  • Conduct risk assessments and assurance reviews to validate that our solutions and services meet the required security standards
  • Ensure compliance with UK Government standards and frameworks
  • Support the development and maintenance of security policies and guidelines for the Public Sector
What we offer
What we offer
  • Tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options
  • Inclusive work environment prioritises mutual respect, accountability, and continuous learning
  • Range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network
  • Fulltime
Read More
Arrow Right

Senior Security Consultant

Job Title: Senior Security Consultant. Role Overview: You will be engaged in tas...
Location
Location
Japan , Tokyo
Salary
Salary:
Not provided
skyhighsecurity.com Logo
Skyhigh Security
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • More than 3 years working experience
  • At least 1 year of experience in one or more of the following security-related tasks: CSIRT support (regulation revision, security planning, security education, security helpdesk, incident response, forensics, malware analysis, etc.), SOC support related (log analysis using SIEM, packet analysis, vulnerability response, etc.), IT/OT Security Assessment, Investigative research on cyber security and information security, Vulnerability diagnosis, penetration test, etc work experience
  • More than 2 years of experience in IT area such as system design/construction, cloud, etc. (required)
  • One or more years of security consulting experience preferred
  • It is preferable to have experience in multiple security consulting projects or pre-sales for multiple security-related services
  • Strong desire to learn about cyber security and information security (required)
  • Communication and coordination skills with stakeholders including customers (At the moment, it is necessary to have a desire to acquire at least.)
  • Passed the Basic Information Technology Engineer Examination (passing is desirable, but there is no problem if you have the same level of knowledge)
  • Business level Japanese proficiency (reading, writing, speaking) is required
  • Business level English proficiency (reading, writing and speaking) preferred. (If you are not comfortable with English when joining the company, there is no problem.)
Job Responsibility
Job Responsibility
  • You will be engaged in tasks such as CSIRT support (including incident response), SOC support, security assessment, research, vulnerability diagnosis, and penetration testing for customers in government agencies, critical infrastructure companies, finance, and manufacturing industries as a team member
  • Depending on your background and security career aspirations, you will be responsible for 2-3 areas of the above duties to improve your own security skills after consulting with your manager
  • Responsible for everything from pre-sales to delivery
  • Our work is on a per-project basis. There is a possibility that you will be engaged in a short-term project of about 3 months or a long-term project that spans several years. In many cases, a team (3-4 people) is formed to proceed
  • Three months after joining the company is the OJT period. While receiving support from managers and mentors, you will use the OJT period to catch up on delivery projects and pre-sales that you participate in.
What we offer
What we offer
  • Retirement Plans
  • Medical, Dental and Vision Coverage
  • Paid Time Off
  • Paid Parental Leave
  • Support for Community Involvement
  • Fulltime
Read More
Arrow Right

Senior Security Consultant Maritime Domain

At Bureau Veritas we tend to say: “no safety without security”, because today, m...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
bureauveritas.cz Logo
Bureau Veritas Certification CZ, s.r.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A completed bachelor or master’s degree
  • Experience with aspects of marine and offshore products and infrastructure, from a security assessment and/or advice perspective
  • Experience with relevant industrial communication protocols and maritime IT/OT systems
  • Experience with conducting risk analyses and assessing risk management processes
  • You can communicate technical concepts and assessment results verbally and in written reports in simple terms
  • Knowledge of UR E26/E27, NR659, IEC 62443, MITRE ATT&CK for ICS, NIST CSF, and NIST SP 800-82 (or a strong wish to learn about these in a short period of time)
  • Interest and ability to write exciting whitepapers and publications
  • A supportive and a proactive personality, you know how to attract and engage both customers and colleagues
Job Responsibility
Job Responsibility
  • Perform assessment and advisory services for marine and offshore customers such as shipyards, shipowners, equipment manufacturers etc.
  • Provide support in security design and security architecture of industrial networks
  • Assist and advice customers in establishing or extending their SCADA/ICS/OT security program
  • Interpret security vulnerabilities, risks, policies, and procedures concerning the operational business impact
  • Manage and execute assessments based on recognized frameworks or specific frameworks developed by Bureau Veritas, with a specific focus on the maritime domain
  • Support our sales with your technical expertise
  • Coach junior and medior consultants on knowledge development
  • Actively contribute to knowledge and service offering development
What we offer
What we offer
  • A diverse portfolio of customers and customer projects
  • You will join a team of passionate specialists and knowledge sharing is our top priority
  • Within this role, there is freedom to explore cutting-edge developments in the market and perform research with concrete end goals
  • The opportunity to grow and shape your career
Read More
Arrow Right

Senior GRC Security Consultant

Senior GRC Security Consultant The Opportunity We are currently partnering wit...
Location
Location
United Kingdom
Salary
Salary:
350.00 - 600.00 GBP / Day
myn.co.uk Logo
Myn
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in Governance, Risk, and Compliance (GRC) within an information security context
  • Strong knowledge of industry-standard security frameworks such as ISO 27001, NIST, or NCSC CAF
  • Extensive experience conducting security risk assessments, gap analyses, and risk treatment planning
  • Proficiency in managing audit lifecycles, including evidence collection and remediation tracking
  • Ability to develop and maintain comprehensive security policies, standards, and procedures
  • Strong stakeholder management skills with the ability to communicate technical risk to business audiences
  • Experience in client-facing consultancy or cross-functional internal advisory roles
Job Responsibility
Job Responsibility
  • Taking ownership of assessing organisational security posture against industry-standard frameworks
  • Managing full audit lifecycles
  • Ensuring regulatory compliance across complex environments
  • Conducting comprehensive risk assessments and gap analyses
  • Developing robust security policies
  • Collaborating with cross-functional teams to embed security controls into core business operations
Read More
Arrow Right

Senior Product Security Consultant

The Product Security Consultant is a post-sales role that works closely with cus...
Location
Location
United States
Salary
Salary:
89300.00 - 120700.00 USD / Year
rapid7.com Logo
Rapid7
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5 years of technical experience working with security applications: Security Information and Event (SIEM)/ Log Management, Governance Risk Compliance (GRC), Identity Access Management, IDS/IPS, Advanced Persistent Threat, Anti-Virus, Vulnerability Management
  • Experience with scripting languages and databases: Python or Powershell
  • SQL
  • Interacting with APIs
  • Experience communicating highly technical concepts to a non-technical audience
  • Understanding of network technologies and protocols (e.g. DHCP, IP, DNS, HTTP, etc.)
  • Experience deploying and maintaining virtual machines and configuring policies on cloud platforms (e.g. Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP))
  • Administrator-level experience with Microsoft Windows Server, Linux and/or MacOS operating systems
  • Customer Centric Communication: Ability to translate complex technical concepts and security best practices into clear, actionable guidance for customers with varying levels of technical expertise
  • Technical Collaboration & Enablement: Ability to partner sales teams to provide technical expertise and support throughout the customer lifecycle, from pre-sales scoping to post-implementation success
Job Responsibility
Job Responsibility
  • Evaluate information technology architecture within customer environments across a broad range of industries and proportions to deploy Rapid7 products, and advise on security best practices within the scope of these products
  • Document and communicate design & implementation details to customer end users
  • Automate and customize solutions to enable customers to use Rapid7 products most efficiently via API scripting, reporting, and custom dashboard development
  • Support sales teams by providing enablement on available offerings and by providing scoping assistance during the sales cycle
  • Generate, Maintain and deliver R7 internal enablement materials to team members and cross-functional R7 partners, as well as team infrastructure, internal processes, tooling, and collateral
  • Willingness to travel up to 30%
  • Fulltime
Read More
Arrow Right