Job Requirements
Cambridge, MA
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Job Description
Position: Senior Information Security Compliance Analyst
Location: Boston, MA (Hybrid/Must be Local)
Length: 6+ Month Contract
Job Description:
The Info Sec Compliance Analyst is responsible for ensuring compliance with industry regulations, laws, and internal policies. They assess and analyze the organization's processes, policies, and procedures to ensure that they are in line with the relevant standards and regulations.
Essential Duties and Responsibilities:
• Responsible for the implementation of clients’ Governance Risk and Compliance (GRC) technology tool.
• Support approved marketplace solutions (cloud & on premises) relative to cyber solutions and information technology platforms.
• Review of supply chain cyber questionnaires and follow-up with vendors/contractors ensuring that controlled unclassified information (CUI) is protected within those vendors’/contractors’ computing environments.
• Assist in corporate policy development, documentation, and socialization to ensure adherence to such policies, including refresh/overhaul relative to such policies.
• Drafting and implementation of procedures and standards pertaining to enterprise policies.
• Documenting information security control artifacts and follow up of plan of actions and milestones (PoAM) items to ensure compliance with various regulations, with particular focus on CUI.
• Identify information/cyber risks and the measures that minimize such risks.
Qualifications:
• 5-7 years of experience in Compliance and Risk Management
• Bachelor’s Degree or equivalent combination of education and experience in Information Security, Computer Science, Management Information Systems, or related curriculum.
• Technical and functional experience in domain of Governance, Audit, Risk Management and Regulatory Compliance.
• Knowledge of the following frameworks/compliance regimes: NIST, CMMC, and FedRAMP.
• Understands risk assessment methodologies, frameworks, and procedures and the ability to work flexibly with them to meet organizational size, maturity, and culture consideration.
• Able to learn and work on new domains and technology.
• Knowledge of CUI and the control sets and documentation necessary for adherence to CUI management and safe keeping.
• Ability to think strategically about security risks and tie those to tactical organizational activities and goals.
• Ability to plan, research, and develop security policies, standards, and procedures.
• Ability to clearly articulate issues and communicate in an effective and personable manner.
• Able to build a network of relationships across functions and to inform and liaise with senior management.
• Expertise in process development, implementation, and standards, with insights into engineering models and tools.
• Familiar with NIST 800-171, 800-153, and CMMC frameworks and DFARS regulatory requirements.
POST-OFFER BACKGROUND CHECK IS REQUIRED. Digital Prospectors is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by law. Digital Prospectors affirms the right of all individuals to equal opportunity and prohibits any form of discrimination or harassment.
Come see why DPC has achieved:
• 4.9/5 Star Glassdoor rating and the only staffing company (< 1000 employees) to be voted in the national Top 10 ‘Employee’s Choice - Best Places to Work’ by Glassdoor.
• Voted ‘Best Staffing Firm to Temp/Contract For’ 8 consecutive years in a row by Staffing Industry Analysts as well as a ‘Best Company to Work For’ by Forbes, Fortune and Inc. magazine.
As you are applying, please join us in fostering diversity, equity, and inclusion by completing the Invitation to Self-Identify form today!
www.LoveYourJob.com
group id: digipros