It Compliance Associate

We are currently seeking an energetic individual with confident interpersonal skills that are interested in being part of a growing team in a great working atmosphere. As an IT Compliance Associate, you will be a resource for our clients to support their security compliance initiatives. In this role, you will conduct cyber-risk management reviews to identify the gaps with compliance frameworks such as DFARS 254.204-7012, NIST 800-171, and CMMC. You will advise and recommend strategies for adopting compliance frameworks with the supporting documentation (Ex. POA&M, SSP, P&Ps, etc.). You will support the preparation and action item resolutions for third-party assessments. Our clients vary between an extensive array of technical environments and business verticals. If you are motivated to succeed in a team-oriented and creative environment, this is your opportunity for a rewarding career with excellent growth potential. The ideal candidate requires a passion for leading and mentoring a high-performance team with outstanding customer service and a passion for sustaining an ongoing process improvement culture.

NOTE: This is not a fully remote job opportunity. Commuting to our offices may be required as needed. This is a hybrid opportunity.

Responsibilities:

• Analyze technical controls to ensure specific security and compliance requirements are met by verifying documented processes, procedures, and standards to validate the management of secure configurations.
• Identify, document, and report control failures and gaps to client stakeholders. Provide remediation guidance and prepare progress reports to track the implementation of remediation tasks.
• Educate, advise, and serve as a resource on cybersecurity assessment functions for our clients.
• Track client compliance across NIST and CMMC frameworks and maintain up-to-date records of requirements, outstanding items, and/or corresponding mitigating controls.
• Establish key performance metrics for clients to track and ensure compliance with established policies and standards.
• Manage third-party risk assessments and assist in performing internal risk assessments.
• Create, update and maintain guides, policies, and training materials for cybersecurity-related processes and changes.
• Support the development of cybersecurity processes and procedures and the creation and maintenance of supporting documentation to ensure controls are managed and maintained.
• Remain current on best practices and technological advancements and act as a technical resource for cybersecurity assessment and regulatory compliance.
• Collaborate on critical client IT projects to ensure cybersecurity policy/risk issues are addressed throughout the project life cycle.
• Support the development and administration of the client's Cybersecurity and Awareness Training program.
• Participate in the client's IT change management process to ensure cybersecurity/risk compliance.
• Work with the Cybersecurity team to provide guidance, recommendations, and oversight for identifying, triaging, and responding to security events or incidents to diagnose possible breaches.

Required Skills:

• Excellent communication skills, with the ability to communicate vision, mission, and goals to audiences.
• The ability to collect data and establish facts and identify trends and variances.
• Understand support tools, techniques, and how technology is used to provide IT services.
• Work independently or in a lead consultant capacity on client projects.
• Diagnosis skills of cyber threats and network vulnerability issues.
• Multi-task and adapt to changes quickly.
• Strong project management skills
• Strong analysis and critical thinking skills
• Deadline and detail-oriented

​Qualifications:

• Bachelor's Degree in Information Technology or equivalent technical experience
• Knowledge of DoD or Federal Government, cybersecurity, and security frameworks (DFARS 254.204-7012, NIST 800-171, and CMMC 2.0).
• ITIL Foundations certified preferred.

Travel Requirements: limited, some possible

Note:

Systems X is a Drug-Free Workplace where all new team members are subject to pre-employment drug testing for the following controlled substances: marijuana, cocaine, PCP, amphetamines, opioids, and alcohol, as policy dictates.

Systems X is committed to equal employment opportunities for all individuals regardless of race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, and protected veteran status.