Urban Outfitters - posted 3 months ago
$130,000 - $160,000/Yr
Full-time • Senior
501-1,000 employees

The Lead Cybersecurity Compliance Engineer is a senior role within Urban Institute’s Technology & Data Science (TECH) department. This position is responsible for ensuring that key Urban IT systems and cloud services meet federal cybersecurity compliance requirements. In practice, the engineer will manage the FedRAMP Moderate Authority to Operate (ATO) compliance process for designated cloud systems, coordinate security requirements into contracts and procurements, and oversee vendor management, security assessments and audits. The role also involves performing regular compliance activities (such as risk assessments, vulnerability scans, and third-party audits), updating and maintaining security policies and procedures, and monitoring evolving regulatory standards. The Lead Cybersecurity Compliance Engineer will sit on the Infrastructure and Security team and report directly to the Senior Director, Infrastructure and Security.

  • Manage the FedRAMP Moderate ATO process for designated Urban cloud systems.
  • Ensure that system architectures and configurations are designed to align with the required security controls for moderate-impact information.
  • Lead cybersecurity contract reviews for all relevant IT procurements.
  • Procure and oversee third-party vendor activities.
  • Schedule and manage regular security testing and auditing activities for Urban’s FedRAMP environment.
  • Develop, update, and maintain cybersecurity policies, standards, procedures, and playbooks.
  • Support incident response activities, root cause analysis, and reporting requirements.
  • Ensure that all compliance documentation is up-to-date and accessible.
  • Stay current with federal and industry cybersecurity regulations and frameworks.
  • Coordinate briefings so that Urban teams understand their compliance obligations.
  • Work closely with Technology and Data Science leadership, project managers, and stakeholders to integrate compliance requirements into projects.
  • Provide regular status updates on compliance efforts and report any security or compliance gaps to senior management.
  • Support the Infrastructure and Security team as needed for general cybersecurity needs and initiatives.
  • At least 5 years of experience in cybersecurity or IT compliance, with a strong focus on federal security frameworks.
  • Demonstrated experience preparing for and/or maintaining FedRAMP authorizations (especially Moderate or higher).
  • Bachelor’s degree in Computer Science, Information Security, or a related field or equivalent experience.
  • Prior experience creating and/or managing system security documentation (SSPs, SARs, POA&Ms) and implementing continuous monitoring programs.
  • In-depth understanding of the NIST SP 800-53 Rev 5 security control framework.
  • Proven ability to conduct security reviews of contracts, identify required cybersecurity clauses, and manage vendor risk assessments.
  • Strong written and verbal communication skills.
  • Generous paid time off, including nine federal holidays.
  • Medical (including prescription), dental and vision insurance.
  • Transit benefits.
  • 403(b) retirement plan participation immediately after you’re hired with a generous employer contribution after six months of service and 500 hours.
  • Access to a health advocate, personal finance coaching, and an Employee Assistance Program.
  • Educational assistance for undergraduate and graduate degree programs.