Haystack
← Back to Jobs
Administrative

Junior Security Assessment Specialist

Nexylum Global LLCUnited States🇺🇸United StatesPosted 7 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Junior

Job Description

Junior Security Assessment Specialist

 

About the Role:

We are seeking a highly motivated and detail-oriented Junior Security Assessment Specialist to join our Security team. This individual will play a key role in evaluating the security posture of our systems and applications, ensuring compliance with both U.S. and international standards such as FedRAMP and BSI IT-Grundschutz (Germany). The ideal candidate thrives in collaborative environments, brings a strong technical foundation, and is well-versed in modern infrastructure, deployment, and automation technologies.

 

Key Responsibilities:

• Collaborate effectively with cross-functional teams to assess, document, and communicate security risks and mitigation strategies.

• Perform the scanning procedures required for the comprehensive security assessments in alignment with FedRAMP, BSI IT-Grundschutz, and other international regulatory frameworks

• Provide clear, actionable recommendations to improve security posture based on assessment findings, industry best practices, and compliance requirements.

• Support the development and continuous refinement of security assessment methodologies and documentation.

• Analyze and validate security controls across multiple cloud providers like OpenStack (AWS, Azure and Google Cloud Platform also accepted) hosted clouds.

• Apply knowledge of Terraform, Ansible, and a broad spectrum of programming and deployment technologies (e.g., CI/CD pipelines, scripting languages, container orchestration, infrastructure-as-code) to support secure system design and auditing.

• Communicate findings and risk summaries to both technical and non-technical stakeholders, helping drive a security-first culture across the organization.

 

Qualifications:

• 3+ years of experience in information security, risk assessments, or related fields.

• Familiarity with FedRAMP, BSI IT-Grundschutz, ISO 27001, or similar regulatory/compliance frameworks.

• Hands-on experience with infrastructure automation tools (e.g., Terraform, Ansible) and scripting languages (e.g., Python, Bash).

• Understanding of modern deployment methodologies, cloud architecture, and DevSecOps practices.

• Strong communication skills with the ability to explain technical issues to a broad audience.

• Security certifications such as CISSP, CISA, or similar are a plus.

 

 

Nice to Have:

• Experience participating in third-party audits or assessments.

• Knowledge of secure coding practices and application security testing.

• Familiarity with container security, Kubernetes, and cloud-native technologies.

Similar jobs