Cyber Risk & Compliance Specialist

Stelle nicht auf LinkedIn

🕒 vor 29 Tagen

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

WiredPeople, Inc.

WebsiteLinkedInAlle Stellen

11 - 50 Mitarbeiter

🎯 Rekrutierung

🔒 Cybersecurity

🏛️ Regierung

Recruitment • Cybersecurity • Government

WiredPeople, Inc. ist ein Unternehmen, das sich auf die Bereitstellung intelligenter und flexibler Strategien zur Talentbeschaffung in den Bereichen öffentliche Gesundheit, IT und Cybersicherheit spezialisiert hat. Sie verbinden Teams, die zusätzliches Personal benötigen, mit hochqualifizierten Fachleuten, die bereit sind, in deren Arbeitskräften mitzuwirken, und begegnen damit den spezifischen Herausforderungen, vor denen Organisationen der öffentlichen Gesundheit, IT-Abteilungen und Cybersicherheitsfirmen stehen. WiredPeople bietet schnelle und anpassungsfähige Einstellungslösungen, die insbesondere für Regierungsbehörden von Vorteil sind, die außergewöhnliche Talente in diesen Industrien suchen.

Beschreibung

• Drive and support ATO readiness efforts across NIST 800-53, CMMC, and SOC 2 frameworks, focusing heavily on hands-on control implementation and evidence generation. • Prepare, manage, and maintain ATO package documentation (SSPs, POA&Ms, and supporting artifacts), ensuring continuous accuracy, completeness, and audit-readiness. • Coordinate seamlessly with external consultants and assessors, integrating their feedback into remediation strategies and documentation updates. • Proactively track remediation progress and control gaps, escalating blockers and risks as needed. • Draft, refine, and operationalize robust security policies, procedures, and standards aligned with applicable regulatory frameworks. • Ensure controls are comprehensively documented with clear ownership, concrete implementation evidence, and recurring review cycles. • Partner with Technology, Product, and Operations teams to seamlessly embed compliance requirements into existing workflows and toolsets. • Manage and maintain the POA&M, driving the timely closure of identified gaps in tight coordination with system and control owners. • Support ConMon activities, including meticulous log reviews, control validation, and recurring evidence collection. • Assist with risk assessments, vendor security reviews, and the tracking of corrective actions. • Maintain a state of ongoing audit preparedness through disciplined recordkeeping and strict process adherence. • Serve as an approachable, knowledgeable compliance champion for Engineering, Infrastructure, and Operations teams. • Translate rigid control requirements and framework language into clear, practical guidance that business owners can easily act on. • Facilitate collaborative working sessions with system owners to gather evidence, clarify control expectations, and resolve complex implementation questions. • Communicate clearly and frequently on status, timelines, and open items to ensure stakeholders remain aligned.

🎯 Anforderungen

• 3–6 years of demonstrated experience in GRC, federal security compliance, or a closely related technical role. • Deep, hands-on familiarity with NIST 800-53 is required. • Proven track record of preparing ATO packages, SSPs, and POA&Ms. • Solid working knowledge of CMMC, SOC 2, or NIST 800-171 environments. • Demonstrated ability to implement and evidence controls, not just document them. • Strong organizational and project management skills, with the ability to manage multiple complex workstreams with minimal oversight. • Clear, highly effective written and verbal communication skills. • U.S. citizenship is required; ability to support stringent federal compliance requirements.

🏖️ Vorteile

• Equal employment opportunities (EEO) to all employees and applicants