Cybersecurity Compliance Analyst
Job ID: 2409954
Location: RESTON, VA, United States
Date Posted: Jul 30, 2024
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10% of the Time
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: Remote
Job Description
Description
The SAIC Governance, Risk, Compliance and Business Resilience team is looking for a motivated and flexible candidate to fill a Cybersecurity Compliance Analyst role. The primary focus for this position will be maintaining cybersecurity compliance posture as it relates to regulatory and standards compliance impacting defense industrial base companies.
This position can be worked 100% remotely across the US.
Responsibilities may include but are not limited to:
• Review and understand applicable regulations and standards including but not limited to NIST SP 800-171, DOD Cybersecurity Maturity Model Certification (CMMC), ISO 27001, and ISO 20000.
• Assess compliance of the enterprise network environment to applicable standards and regulations, to include hybrid on-premises and cloud environments.
• Analyze applicable regulations and standards to facilitate implementation of controls with both technical and non-technical subject matter experts (SMEs).
• Review and provide feedback on applicable new or changing regulations and standards for impacts to the company’s compliance posture, including but not limited to internal stakeholders and external industry working groups.
• Document controls implementation narratives.
• Gather and maintain evidence of controls implementation consistent with implementation narratives.
• Coordinate third-party audit and assessment activities related to regulatory and standards control compliance including evidence gathering, SME preparation, and scheduling.
• Develop, disseminate, and maintain documentation related to cybersecurity compliance processes, including but not limited to continuous controls monitoring for regulatory and standards compliance.
• Work closely with internal audit teams to validate implementation of compliance controls.
• Conduct reviews of System Security Plans (SSPs) for compliance with applicable regulations and standards.
• Engage with internal SMEs to implement controls and address control deficiencies where necessary related to regulations and standards.
• Research, evaluate, and recommend solutions to address control deficiencies and identify areas for controls improvement.
• Support additional tasks related to governance, risk, and compliance activities as needed.
Qualifications
Education and Experience Requirements:
• Bachelor’s Degree and 9+ years relevant work experience in a similar Cybersecurity role, or a Master's Degree and 7+ years of experience, or a PhD or JD and 4+ years of experience. An additional 4+ years of work experience may be considered in lieu of degree.
• Must be a US Citizen.
• Ability to effectively communicate business risk as it relates to cybersecurity compliance.
• Direct experience implementing/maintaining compliance to one of the following: ISO 27001, ISO 20000, NIST SP 800-53, NIST SP 800-171, DOD CMMC.
• Experience in developing, reviewing, and/or implementing system security plans.
• Strong written and verbal communication skills.
• Ability to work independently on assigned tasks as well as with cross-functional groups.
• Ability to self-assign tasks within assigned responsibilities without direct supervision and report on status of tasks.
• Strong attention to detail is critical.
• Strong time management and project management skills.
Preferred Qualifications:
• Possession of one of the following certifications: CISSP, CISA, or CAP.
• Experience working with DOD unclassified standards and requirements.
• Experience working with requirements for securing Controlled Unclassified Information (CUI).
• Experience implementing NIST Cybersecurity Framework (CSF).
• Experience using ServiceNow Continuous Authorization and Monitoring module.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Overview
SAIC® is a premier Fortune 500® technology integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.
We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.