Today
Secret
Mid Level Career (5+ yrs experience)
$120000 - $140000 per year
No Traveling
Unspecified
Oshkosh, WI (On/Off-Site)
Job Title: Lead Cybersecurity Engineer - Compliance
Job Location: Drive Oshkosh WI 54902
Onsite Requirements:
* Experience in cybersecurity including direct involvement with regulatory or framework compliance (CMMC, NIST 800-171, PCI, ISO 27001, SOC2, FAR, DFARS, etc.)
* In-depth knowledge of and experience with regulatory compliance models (NIST, HIPAA, PCI, ISO, etc.).
* Bachelor's degree in Cybersecurity, Information Systems, Communications, Computer Science or equivalent.
Job Description:
* Client Corporation designs and builds mission-critical vehicles and technology for defense, municipal and commercial customers worldwide.
* Protecting the confidentiality, integrity and availability of our information assets is foundational to that mission.
* You will be part of our cybersecurity-compliance program, guiding teams through CMMC, UK Cyber Essentials, PCI DSS and other regulatory certifications, and serve as the expert who turns requirements into pragmatic, risk-based controls.
RESPONSIBILITIES:
* These duties are not meant to be all-inclusive, and other duties may be assigned.
* Participate in or lead Cybersecurity compliance efforts across the organization, including preparation for, scheduling, and leading assessments (e.g. CMMC).
* Translate Cybersecurity control requirements into system level configurations and interpret system security capabilities for compliance requirements.
* Prepare reports detailing policy, standard, process, and control gaps related to compliance requirements and provide remediation recommendations.
* Work with management as the subject matter expert to develop program budgets and associated projects. Coordinate with IT and business regional leads to develop or modify compliance plans and strategies for different cultures, nationalities, and languages.
* Experience leading or conducting IT audits, including the ability to distill technical data into non-technical terms that stakeholders can understand. Keep informed on the latest research, trends, and developments in all regulatory compliance areas.
* Serve as a trusted advisor to business functional areas (e.g., Finance, HR, Engineering) and/or internal IT resources (such as infrastructure, apps, IT services).
* Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance.
* Maintain expert awareness of all aspects of information security and compliance, including PCI and SOC requirements for information systems and industry best practices such as NIST 800-53, 800-171, 172.
* Contribute to the development and maintenance of the Cybersecurity strategy.
MINIMUM QUALIFICATIONS:
* Bachelor's degree in Cybersecurity, Information Systems, Communications, Computer Science or equivalent.
* Six (6) or more years of experience in cybersecurity including direct involvement with regulatory or framework compliance (CMMC, NIST 800-171, PCI, ISO 27001, SOC2, FAR, DFARS, etc.)
PREFERRED QUALIFICATIONS:
* Graduate degree in Cybersecurity, Information Systems, Management or equivalent.
* Relevant industry recognized certifications (CISSP, CEH, GIAC, Security+, SSAP, etc.)
* In-depth knowledge of and experience with regulatory compliance models (NIST, HIPAA, PCI, ISO, etc.).
* Hands-on design or operations background in at least one DT domain (infrastructure, cloud, or application development).
* Demonstrated knowledge of security controls for network, applications, and operating systems.
* Demonstrated conceptual, analytical, and innovative problem-solving and evaluative skills.
* Experience communicating conceptual and technical information both verbally (on phone, one-on-one, to groups) and in writing (emails, letters, reports, presentations) to various audiences (work group, team, company management, external clients).
* Experience with projects or issues of high complexity that require in-depth knowledge across multiple technical areas and lines of business.
* Experience conducting or leading IT audits.
* Hold an active, or be able to obtain, a U.S. Government Secret level or above clearance.
* Experience drafting information security policies, procedures, and standards.
* Experience testing effectiveness and adherence of cybersecurity controls.
* Translate complex contractual and regulatory requirements into actionable information system configurations.
* Experience collaborating in cross-functional work environments.
* **3rd party and subcontract staffing agencies are not eligible for partnership on this position. 3rd party subcontractors need not apply.**
* **Due to the nature of the work, a United States Government Clearance is required to be eligible for the position.**