Cyber Risk & Compliance Specialist

Vaga não está no LinkedIn

🕒 Maio 12

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

WiredPeople, Inc.

SiteLinkedInTodas as Vagas

11 - 50 funcionários

🎯 Recrutamento

🔒 Cibersegurança

🏛️ Governo

Recruitment • Cybersecurity • Government

A WiredPeople, Inc. é uma empresa que se especializa em fornecer estratégias inteligentes e flexíveis para a aquisição de talentos nos setores de saúde pública, TI e cibersegurança. Eles conectam equipes que precisam de pessoal extra com profissionais altamente qualificados prontos para integrar sua força de trabalho, abordando os desafios específicos enfrentados por organizações de saúde pública, departamentos de TI e empresas de cibersegurança. A WiredPeople oferece soluções de contratação rápidas e adaptáveis, especialmente benéficas para agências governamentais que buscam acessar talentos excepcionais nessas indústrias.

Descrição

• Drive and support ATO readiness efforts across NIST 800-53, CMMC, and SOC 2 frameworks, focusing heavily on hands-on control implementation and evidence generation. • Prepare, manage, and maintain ATO package documentation (SSPs, POA&Ms, and supporting artifacts), ensuring continuous accuracy, completeness, and audit-readiness. • Coordinate seamlessly with external consultants and assessors, integrating their feedback into remediation strategies and documentation updates. • Proactively track remediation progress and control gaps, escalating blockers and risks as needed. • Draft, refine, and operationalize robust security policies, procedures, and standards aligned with applicable regulatory frameworks. • Ensure controls are comprehensively documented with clear ownership, concrete implementation evidence, and recurring review cycles. • Partner with Technology, Product, and Operations teams to seamlessly embed compliance requirements into existing workflows and toolsets. • Manage and maintain the POA&M, driving the timely closure of identified gaps in tight coordination with system and control owners. • Support ConMon activities, including meticulous log reviews, control validation, and recurring evidence collection. • Assist with risk assessments, vendor security reviews, and the tracking of corrective actions. • Maintain a state of ongoing audit preparedness through disciplined recordkeeping and strict process adherence. • Serve as an approachable, knowledgeable compliance champion for Engineering, Infrastructure, and Operations teams. • Translate rigid control requirements and framework language into clear, practical guidance that business owners can easily act on. • Facilitate collaborative working sessions with system owners to gather evidence, clarify control expectations, and resolve complex implementation questions. • Communicate clearly and frequently on status, timelines, and open items to ensure stakeholders remain aligned.

🎯 Requisitos

• 3–6 years of demonstrated experience in GRC, federal security compliance, or a closely related technical role. • Deep, hands-on familiarity with NIST 800-53 is required. • Proven track record of preparing ATO packages, SSPs, and POA&Ms. • Solid working knowledge of CMMC, SOC 2, or NIST 800-171 environments. • Demonstrated ability to implement and evidence controls, not just document them. • Strong organizational and project management skills, with the ability to manage multiple complex workstreams with minimal oversight. • Clear, highly effective written and verbal communication skills. • U.S. citizenship is required; ability to support stringent federal compliance requirements.

🏖️ Benefícios

• Equal employment opportunities (EEO) to all employees and applicants