Senior Governance, Risk, and Compliance Engineer

Stelle nicht auf LinkedIn

🕒 vor 19 Tagen

🇺🇸 Vereinigte Staaten – Remote

💵 $110.336 - $144.459 / Jahr

⏰ Vollzeit

🟠 Senior

🚔 Compliance

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

IonQ

WebsiteLinkedInAlle Stellen

201 - 500 Mitarbeiter

Gegründet 2015

🤖 Künstliche Intelligenz

🔌 API

🏢 Unternehmen

Artificial Intelligence • API • Enterprise

IonQ ist ein Unternehmen, das sich auf Quantencomputing spezialisiert hat und eine Quanten-Cloud-Plattform anbietet, die es Nutzern ermöglicht, auf Quantenprozessoren zuzugreifen und diese zu nutzen. Sie bieten umfangreiche Dokumentationen und Ressourcen für Entwickler, um Quantencomputing-Lösungen mit ihren SDKs und APIs zu erlernen und umzusetzen, wobei sie sich in Plattformen wie Qiskit, Cirq und TensorFlow integrieren lassen. IonQ bietet auch Integrationen mit Cloud-Diensten wie Amazon Braket, wodurch hybrides Cloud-Quantencomputing ermöglicht wird. Ihre Plattform umfasst Tools zur Verwaltung von Jobs, Organisationen und Projekten sowie Simulatoren, die Rauschmodelle unterstützen und bis zu 29 Qubits verarbeiten können. IonQ hat sich der Weiterentwicklung der Quantencomputing-Technologie verschrieben und bietet Community-Support über Kanäle wie Slack an.

Beschreibung

• Architect and own end-to-end CMMC implementation and audit readiness, including scoping strategy, control mapping, SSP and POA&M development, evidence collection, and remediation tracking across the organization. • Interpret and apply DFARS clause requirements, including DFARS 252.204-7012, 252.204-7019, and 252.204-7020, translating contractual obligations into operational controls and owning accurate SPRS submissions. • Lead recurring internal audits of NIST 800-171 security controls and drive end-to-end preparation for C3PAO assessments, including evidence packages, assessment logistics, and assessor coordination. • Architect CUI environments to meet CMMC boundary requirements, including network segmentation, access control, media protection, and FIPS-validated encryption; lead evaluation of cloud environments against CMMC scoping guidance. • Drive implementation of technical controls across NIST 800-171 practice families, including MFA, audit logging, configuration management, incident response, and vulnerability management, engaging directly with engineering teams. • Serve as the primary CMMC subject matter expert at IonQ, developing compliance roadmaps, facilitating readiness workshops, and providing authoritative guidance on DFARS flow-down requirements for subcontractors. • Partner with legal and contracts teams to review FAR/DFARS clauses in new and existing contracts, flagging CUI obligations and CMMC level requirements, and lead coordination with regulatory teams on ITAR and EAR obligations as they intersect with CUI handling. • Develop and operate a formal risk management program covering IT systems and infrastructure, maintain a risk register, and provide regular executive-level reporting on posture, open risks, and remediation progress. • Own and mature the organization’s GRC platform to support evidence management, POA&M tracking, and risk register maintenance, and build compliance dashboards for leadership visibility.

🎯 Anforderungen

• 5–8 years of professional experience in cybersecurity compliance, GRC, or security engineering, with demonstrated hands-on ownership of NIST SP 800-171 and CMMC compliance programs. • Proven track record developing SSPs, POA&Ms, and C3PAO assessment artifacts, and independently scoping CUI environments across realistic system boundaries. • Deep working knowledge of DFARS cybersecurity clauses (7012, 7019, 7020), CMMC 2.0 framework structure across all three levels, and the difference in assessment methodology between self-assessment and C3PAO. • A technical background in systems administration, cloud security, or security engineering sufficient to credibly lead control implementation discussions with IT and engineering teams, including network architecture, IAM, key management, logging, and endpoint management. • Experience leading cross-functional compliance initiatives and translating technical requirements for non-technical stakeholders including legal, finance, and executive leadership. • Bachelor’s degree in Computer Science, Information Security, or equivalent practical experience.

🏖️ Vorteile

• Comprehensive medical, dental, and vision plans • Matching 401K • Unlimited PTO and paid holidays • Parental/adoption leave • Legal insurance • Home technology stipend