Cybersecurity Compliance Analyst

  • April 24, 2024
  • by admin

The successful candidate will be responsible for ensuring that our organization adheres to regulatory and legal requirements. They will also be responsible for developing and implementing policies and procedures to ensure our organization is compliant with all applicable regulations and standards, including CMMC Level 2 and other NIST requirements. The successful candidate will also provide compliance and security training to the organization and maintain communications with staff on the latest cyber threats and vulnerabilities.



SPECIFIC RESPONSIBILITIES:

  • Oversee baseline policies and understand the security lifecycle model for CI/CD, including steps such as identifying information systems, selecting and implementing security controls, assessing and authorizing systems, and monitoring security controls.
  • Conduct security training and compliance initiatives company-wide, including security awareness campaigns, education, and regular auditing.
  • Coordinate communications with stakeholders, conduct training, and simulate attacks like phishing and pen testing as required by certifications and industry best practices.
  • Manage CMMC reporting and monitoring, leading efforts to ensure compliance with changing policies and requirements, for example: NIST 800-171, 800-53, 800-172, DFARS, FedRAMP, TX-RAMP.
  • Participate in and maintain CMMC Level 1 and Level 2 certifications, creating quarterly and annual plans to maintain compliance.
  • Lead incident response efforts in alignment with best practices and regulatory guidelines such as NIST 800-53 domains.
  • Perform compliance assessments and other assigned duties related to systems maintenance, infrastructure support, desktop support, server/systems support, network infrastructure support, AV systems infrastructure support, camera system infrastructure support, and control access systems support.

 

REQUIRED SKILLS:

  • 8-10 years of documented real-world experience in IT security.
  • Strong knowledge of cybersecurity principles, practices, tools, and technologies.
  • Experience with security controls implementation, monitoring, and compliance.
  • Familiarity with CMMC requirements and reporting.
  • Excellent communication skills for coordinating with various teams and stakeholders.
  • Strong problem-solving skills and attention to detail in investigating security incidents.
  • Ability to lead incident response activities effectively.

DESIRED SKILLS:

  • Proficiency in using various security tools such as VMware Carbon Black, Cisco OpenDNS Umbrella, Meraki, Fortinet, SELKS IDS/IPS, Greenbone Security Appliance Manager, Graylog.
  • Expertise in Active Directory and Azure AD security management.

JOB TYPE:

Full-Time