| Job Openings! Sr Cybersecurity Compliance Analyst - Fulltime Role - Pittsburgh, Pennsylvania(Hybrid) at Pittsburgh, Pennsylvania, USA |
| Email: [email protected] |
| From: John Moses, NorthITE [email protected] Reply to: [email protected] SENIOR CYBERSECURITY COMPLIANCE ANALYST Location: Pittsburgh, Pennsylvania, United States Scheduled work from home days work from home - Tuesday and Friday. USC & GC ONLY Security Clearance Required: YES Industry: Aerospace / Aviation / Defense Job Category: Information Technology - Computer Network Security. Responsibilities The client is currently in search of a Senior Cybersecurity Compliance Analyst to join their Global Information Services (GIS) team in Pittsburgh, PA. This position has global (domestic and international) accountabilities for all location operating units as well as GIS worldwide. Primary purpose is to provide professional-level support for the company's cyber security initiatives, projects, and ongoing activities. Major Activities/Key Challenges: Provide Support to Cybersecurity Maturity Model Certification (CMMC) Senior Operations Manager in all aspects of CMMC Operations Management Assist in coordination of various Compliance Assessments (self, scheduled, and on-demand) to include CMMC (CyberAB/Certified 3rd Party Assessment Organization (C3PAO)), Defense Industrial Base Cybersecurity Assessment Center (DIBCAC), State Dept. etc. Facilitate and assist in design, plan and management of the overall assessments including logistics and documentation release during assessments. Assist in coordination with Corporate Communications to validate Controlled Unclassified Information (CUI)/Federal Contract Information (FCI) is not present for externally facing communications. Assist in managing quarterly Authorization to Operate (ATO) and Assessment and Authorization (A&A). Assist with any CMMC control changes/updates/realignments and review the controls for applicability or re-implementation. Track and facilitate Policy/Standard/Procedure review and update cadence. Store and manage limited CUI (e.g., Assessment Results, out briefs, Reclama forms/submissions, etc.). Track Plan of Action and Milestones (POA&Ms) and Risk, Actions, Issues & Decisions (RAID) items. Risk Management and Risk tracking as needed. Corporate Commercial and Government Entity (CAGE) code maintenance and Supplier Performance Risk System (SPRS) reporting. Manages and facilitates continuous monitoring of CMMC controls (10+ controls/month) Provide support to Business Unit Assessments Develops various mappings between different compliance program requirements and National Institute of Standards and Technology (NIST) special publications. Provides interpretation of requirements (NIST, Defense Federal Acquisition Regulation Supplement (DFARS), CMMC, etc.) to different Resource Units and Business Units. Coordinates with and assists different technology areas (Applications, Infrastructure, Network, Security, etc.) and functional areas (Compliance, Human Resources, Internal Audit, Legal, Physical Security, Procurement, etc.) regarding CMMC. Performs other duties as assigned aligned to CMMC. Skills: Organizational skills and discipline to build and maintain structured plans. Able to forge strong, trusting collaborative relationships. Ability to create and think through complex technical problems and identify/resolve gaps. Ability to objectively view and assess cyber security alternatives. Self-driven with an acute sense of urgency. Interpersonal skills to manage often difficult or highly technical conditions. Results driven and accountable for actions. Works equally well whether independently or as part of a physical or virtual, global team. Ability to work with data of highest sensitivity in complete confidence. Experience valuing a diverse workforce and inclusive work environment. Qualifications Basic Qualifications Bachelors degree in computer science, Information Systems or Cybersecurity from an accredited institution or an associate degree with 5 years of experience in IT, with a minimum 3 years of that in cyber security disciplines Minimum 2 years of experience with DFARS 7012, NIST 800-171 and other NIST publications Minimum 1 year of experience with various data types such as Controlled Unclassified Information (CUI), Controlled technical Information (CTI), Federal Contract Information (FCI), International Traffic in Arms Regulations (ITAR), or Export Administration Regulation (EAR99) Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of Hire. Visa sponsorship is not available for this position. Preferred Qualifications: Demonstrated experience in and exposure to Compliance programs especially CMMC and DIBCAC Experience managing security in a manufacturing environment. Security related Certifications such as CISSP, Security+, CISA CMMC Certifications such as CMMC-RP and/or CMMC CCP Experience with and/or robust understanding of POA&Ms, assessment processes, risk management, procedure analysis Experience implemented successful NIST 800-171 / CMMC / ITAR / SarbanesOxley Act (SOX) security controls. Thanks&Regards John Moses [email protected] 6039 Norma Jean ln Billings, MT 59101 Keywords: information technology green card microsoft Montana Pennsylvania |
| [email protected] View all |
| Wed Jan 24 19:45:00 UTC 2024 |