Cybersecurity / Compliance Specialist (Tier 3)

Location: Hybrid (North Carolina)

The Mid-Level Cybersecurity Analyst is responsible for enhancing the organizations cybersecurity posture through the development of security policies implementation and validation of security controls and coordination of compliance activities. This role supports Network Wireless Solutions (NWS) continued modernization as a telecom distributor expanding into an IT Service Provider by ensuring that cybersecurity practices are consistently applied across cloud environments applications endpoints identities integrations and data platforms.

The analyst will support the organizations adoption of modern security frameworks-including Zero Trust principles as a reference model-while maintaining a practical risk-based approach to securing enterprise systems data assets and business operations.

Key Responsibilities

1. Cybersecurity Policy & Governance

• Develop maintain and update enterprise cybersecurity policies standards procedures and guidelines aligned with business operations and modernization initiatives.
• Establish policies covering cloud security application security endpoint protection identity and access management and data protection.
• Translate regulatory requirements and security frameworks into actionable internal controls and operating procedures.
• Provide leadership with cybersecurity posture assessments policy impact analysis and risk insights.

2. Security Control Implementation & Validation

• Implement and manage administrative technical and operational security controls across enterprise systems and platforms.
• Support control implementation within cloud platforms applications endpoints integrations and identity systems.
• Perform control testing validation and evidence collection to ensure controls are operating effectively.
• Coordinate remediation activities for identified security gaps vulnerabilities and audit findings.

3. Cloud Application and Endpoint Security

• Support secure configuration monitoring and access control for cloud-hosted environments.
• Coordinate application security practices including secure configuration authentication authorization and vulnerability remediation.
• Support endpoint security controls including device hardening monitoring and protection mechanisms.
• Ensure consistent security baselines and configuration standards across environments.

4. Identity Access and Data Protection

• Support identity and access management controls including role-based access least-privilege enforcement and periodic access reviews.
• Partner with data and IT teams to ensure sensitive data is appropriately classified protected and monitored.
• Ensure encryption logging and monitoring controls are applied to systems handling critical business and customer data.

5. Compliance Coordination (e.g. SOC CMMC ISO 27001)

• Coordinate cybersecurity compliance efforts across SOC 2 CMMC ISO 27001 etc. and customer-driven security requirements.
• Maintain compliance artifacts including policies control mappings evidence repositories risk registers and audit documentation.
• Serve as a point of coordination with auditors assessors and internal stakeholders during readiness assessments and audits.
• Track compliance milestones remediation activities and control ownership.

6. Risk Management & Security Operations Support

• Conduct security and risk assessments across enterprise systems and business processes.
• Support incident response activities including investigation support root cause analysis and corrective action tracking.
• Ensure logging monitoring and alerting mechanisms are operational and aligned to enterprise security objectives.
• Maintain accurate security documentation system inventories and data flow diagrams.

7. Cross-Functional Collaboration

• Partner with IT Engineering Data and Operations teams to embed security into modernization initiatives.
• Provide guidance to support secure adoption of new technologies platforms and services.
• Contribute to cybersecurity awareness and secure-by-design practices across the organization.

Required Qualifications

• Bachelors degree in Cybersecurity Information Systems Computer Science Engineering or a related field.
• 4-8 years of experience in cybersecurity information assurance risk management or security operations.
• Experience developing cybersecurity policies and implementing security controls.
• Hands-on experience supporting cloud application endpoint identity and data security controls.
• Experience coordinating or supporting SOC 2 CMMC ISO 27001 or similar compliance initiatives.
• Ability to communicate security requirements clearly to technical and non-technical stakeholders.

Preferred Qualifications

• Experience in telecom distribution IT services or technology-enabled environments.
• Familiarity with modern security frameworks (e.g. Zero Trust NIST ISO) and risk-based security approaches.
• Experience working with cloud platforms (Azure preferred) and SaaS environments.
• Professional certifications such as Security CISSP CISM CRISC or ISO 27001 Lead Implementer (or in progress).

Key Performance Indicators (KPIs)

Cybersecurity Posture & Controls

• Control Implementation Coverage: 90% of required security controls implemented and validated across in-scope systems.
• Reduction in Security Gaps: 25% year-over-year reduction in identified control deficiencies.
• Vulnerability Remediation SLA Compliance: 90% of vulnerabilities remediated within defined timelines.

Policy & Governance

• Policy Coverage Rate: 95% of required cybersecurity policies documented and approved.
• Policy Review Timeliness: 100% of policies reviewed and updated per governance schedule.
• Policy Adoption Rate: 85% adherence across business units.

Compliance & Audit Readiness

• Audit Readiness Status: Maintain continuous audit-ready posture for SOC 2 CMMC and ISO 27001.
• Audit Findings: Zero repeat high-risk findings across audit cycles.
• Evidence Acceptance Rate: 95% of audit evidence accepted without rework.

Operational Effectiveness

• Incident Response Support: Timely participation in 95% of security incidents and exercises.
• Monitoring Coverage: 90% of critical systems generating actionable security logs and alerts.
• Documentation Accuracy: 100% of security controls processes and diagrams maintained and current.

Collaboration & Business Enablement

• Stakeholder Satisfaction: 85% satisfaction rating from IT Engineering and Operations teams.
• Security Enablement: Demonstrated support for modernization initiatives without introducing delivery delays.

About NWS

NWS empowers service providers integrators contractors and organizations of all sizes to stay ahead of the curve. Established in 2012 and headquartered in Greensboro North Carolina USA NWS boasts an extensive range of services across three key market segments.

Our cable solutions showcase cutting-edge copper fiber and hybrid designs. With a proficient team of engineers manufacturing and supply chain experts we can tailor these custom-trunked cable solutions to precise specifications ensuring our clients benefit from the most reliable and efficient telecom solutions on the market.

Join our energetic and vibrant team of skilled professionals and be part of the excitement at NWS. Our employees enjoy a culture that values initiative teamwork high values and integrity.

To learn more about us please visit our website at - Wireless Solutions (NWS) is committed to maintaining a safe compliant and professional workplace. As part of our hiring process all offers of employment are contingent upon the successful completion of a background check and drug screening where permitted by law.

Background checks may include but are not limited to verification of employment history education criminal records and other relevant factors in accordance with applicable federal state and local laws.

Drug screening may be required based on the nature of the position and applicable regulations. NWS complies with all relevant laws regarding drug testing including any accommodations required under the Americans with Disabilities Act (ADA) or other applicable statutes.

A candidates failure to pass the background check or drug screening may result in the withdrawal of an employment offer. Any falsification or omission of information during the hiring process may also be grounds for disqualification or termination of employment.

By submitting an application to NWS candidates acknowledge and consent to the companys background check and drug screening policies.

Required Experience:

IC