
IT Compliance Lead (23-00152)

March 15, 2023; March 22nd, 2023

Duration: 12+ months
Compensation: Up to $85/hr
Location: 100% REMOTE (EST preferred)

Responsibilities:

  • Developing, implementing and managing the IT compliance program.
  • Maintaining and managing security documentation.
  • Use knowledge and experience of assessing compliance against NIST 800-171, CMMC, CIS, and ISO controls.
  • Staying abreast of related federal regulatory compliance laws, mandates, and other requirements.
  • Monitor third-party risk assessments and assist in performing internal risk assessments.
  • Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
  • Planning, implementing and overseeing risk-related programs.
  • Creating and coordinating proper reporting channels for compliance issues.
  • Establish, implement, and maintain the organization's Information Systems Continuous Monitoring program.
  • Develop organizational program guidance (i.e., policies/procedures) for continuous monitoring of the security program and information systems.
  • Consolidate and analyze POA&Ms to determine organizational security weaknesses and deficiencies.
     

Experience/Knowledge:

  • Experience managing compliance activities
  • Knowledge and understanding of ISO, FISMA, NIST and SOC-2 information security standards
  • Working knowledge of common IT security-related regulations and/or standards such as Sarbanes-Oxley and ISO highly desired
  • Experience conducting security control assessments or audits
  • Experience developing or managing a security awareness program
  • SOC-2 audit experience from a major professional services firm highly desired
  • At least one industry certification (e.g., CISA, CISM, CRISC, CISSP, ISSAP) highly desired
  • Ability to maintain security documentation and manuals