Senior Information Security Compliance Analyst

Data Recognition Corporation, Maple Grove, MN

About The Position

The Senior Information Security Compliance Analyst at Data Recognition Corporation (DRC) plays a crucial role in managing and leading various risk and compliance activities within the Information Security Team. This position is responsible for ensuring the secure operation of the DRC environment by overseeing internal and external security reviews, maintaining security policies, and promoting business continuity efforts. The analyst will focus on enhancing compliance maturity and managing audits related to government contracts and cybersecurity efforts.

Requirements

  • 5+ years of Information Security, GRC, or Compliance experience.
  • Experience working with DoD/Government.
  • Deep knowledge in NIST 800-53 and NIST 800-171 frameworks.
  • Working knowledge of Risk Management Framework (RMF) and compliance with security technical implementation guides (STIGs).
  • Experience leading and managing a SOC 2 Type II compliance audit.
  • Possesses a high level of personal integrity and the ability to handle sensitive information discreetly.
  • Excellent communication skills and ability to work well in a team and independently.

Nice To Haves

  • Four-year college degree in IT, Computer Science, or Cybersecurity.
  • Internal or External Audit or Compliance experience.
  • Experience with Federal Information Security Management Act (FISMA) and NIST security controls.
  • Security certification such as Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC).
  • Experience with ISO 27001 certification.
  • Experience supporting third-party vendor security assessments and audits.

Responsibilities

  • Manage and lead compliance and risk functions to enhance compliance maturity.
  • Obtain and maintain Authority to Operate (ATO) approvals for government contracts by adhering to NIST Risk Management Framework (RMF).
  • Support cybersecurity efforts, including the development and management of System Security Plan (SSP) documentation and Plans of Action and Milestones (POAMs).
  • Assess and audit systems security controls and conduct continuous monitoring activities.
  • Manage internal and external annual audits, including FISMA, NIST, ISO 27000 series, and SOC 2 Type II audits.
  • Maintain and drive remediation on Plan of Action and Milestones (POAM).
  • Develop and review security policies and standards.
  • Lead security risk management and exception processes.
  • Manage and enhance Business Continuity/Disaster Recovery processes.
  • Update and maintain security and compliance metrics.

Benefits

  • Medical insurance
  • Wellness programs
  • Dental insurance
  • Vision insurance
  • 401(k) plan
  • Flexible spending accounts
  • Health savings accounts
  • Short and long-term disability insurance
  • Life insurance
  • Generous paid time off policy
  • Community service leave

What This Job Offers

  • Job Type: Full-time
  • Career Level: Senior
  • Industry: Educational Services
  • Education Level: High school or GED