Job Description
We are currently seeking an energetic individual with confident interpersonal skills that are interested in being part of a growing team in a great working atmosphere. As an IT Compliance Associate, you will be a resource for our clients to support their security compliance initiatives. In this role, you will conduct cyber-risk management reviews to identify the gaps with compliance frameworks such as DFARS 254.204-7012, NIST 800-171, and CMMC. You will advise and recommend strategies for adopting compliance frameworks with the supporting documentation (Ex. POA&M, SSP, P&Ps, etc.). You will support the preparation and action item resolutions for third-party assessments. Our clients vary between an extensive array of technical environments and business verticals. If you are motivated to succeed in a team-oriented and creative environment, this is your opportunity for a rewarding career with excellent growth potential. The ideal candidate requires a passion for leading and mentoring a high-performance team with outstanding customer service and a passion for sustaining an ongoing process improvement culture.
NOTE: This is not a fully remote job opportunity. Commuting to our offices may be required as needed. This is a hybrid opportunity.
Responsibilities:
- Analyze technical controls to ensure specific security and compliance requirements are met by verifying documented processes, procedures, and standards to validate the management of secure configurations.
- Identify, document, and report control failures and gaps to client stakeholders. Provide remediation guidance and prepare progress reports to track the implementation of remediation tasks.
- Educate, advise, and serve as a resource on cybersecurity assessment functions for our clients.
- Track client compliance across NIST and CMMC frameworks and maintain up-to-date records of requirements, outstanding items, and/or corresponding mitigating controls.
- Establish key performance metrics for clients to track and ensure compliance with established policies and standards.
- Manage third-party risk assessments and assist in performing internal risk assessments.
- Create, update and maintain guides, policies, and training materials for cybersecurity-related processes and changes.
- Support the development of cybersecurity processes and procedures and the creation and maintenance of supporting documentation to ensure controls are managed and maintained.
- Remain current on best practices and technological advancements and act as a technical resource for cybersecurity assessment and regulatory compliance.
- Collaborate on critical client IT projects to ensure cybersecurity policy/risk issues are addressed throughout the project life cycle.
- Support the development and administration of the client's Cybersecurity and Awareness Training program.
- Participate in the client's IT change management process to ensure cybersecurity/risk compliance.
- Work with the Cybersecurity team to provide guidance, recommendations, and oversight for identifying, triaging, and responding to security events or incidents to diagnose possible breaches.
Required Skills:
- Excellent communication skills, with the ability to communicate vision, mission, and goals to audiences.
- The ability to collect data and establish facts and identify trends and variances.
- Understand support tools, techniques, and how technology is used to provide IT services.
- Work independently or in a lead consultant capacity on client projects.
- Diagnosis skills of cyber threats and network vulnerability issues.
- Multi-task and adapt to changes quickly.
- Strong project management skills
- Strong analysis and critical thinking skills
- Deadline and detail-oriented
Qualifications:
- Bachelor's Degree in Information Technology or equivalent technical experience
- Knowledge of DoD or Federal Government, cybersecurity, and security frameworks (DFARS 254.204-7012, NIST 800-171, and CMMC 2.0).
- ITIL Foundations certified preferred.
Travel Requirements: limited, some possible
Note:
Systems X is a Drug-Free Workplace where all new team members are subject to pre-employment drug testing for the following controlled substances: marijuana, cocaine, PCP, amphetamines, opioids, and alcohol, as policy dictates.
Systems X is committed to equal employment opportunities for all individuals regardless of race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, and protected veteran status.