Principal Specialist, Cybersecurity & Risk Management (Remote)

About The Position

Requirements

• Typically requires a University Degree or equivalent experience and a minimum 5 years of experience, or an Advanced Degree and a minimum 3 years experience.
• 3+ years experience with IT cybersecurity frameworks (e.g., CMMC, ISO 27001, NIST 800-171, NIST 800-53, etc.)
• Experience supporting cybersecurity risk and compliance assessments
• U.S. citizenship is required, as only U.S. citizens are authorized to access information under this program/contract.

Nice To Haves

• Experience in regulations and directives including CMMC, GDPR, Cyber Essentials, etc.
• Security certifications (i.e., Security +, etc.)
• IT Governance and Risk Management certifications (i.e., CISA, CRISC, etc.)
• Industry Experience working with/for US DOD, commercial airlines, and aerospace OEMs.
• Ability to work collaboratively with remote team members
• Strong analytical and problem-solving skills and proactive, critical thinking skills.
• Ability to build and maintain customer relationships; strong team player, able to meet deadlines and adjust to changing priorities

Responsibilities

• Maintain a baseline understanding of relevant IT specific frameworks referenced in customer requests or customer requests are based upon.
• Manage customer cyber compliance requests, prioritize actions, and provide timely responses to meet customer needs.
• Create and maintain a tracking mechanism to allow for consistent customer responses, limit rework, and report metrics to stakeholders
• Support and facilitate various internal & external audits
• Partner, manage communication, and function as a liaison with external auditors and business units
• Assess compliance with policies, standards, and regulations through the performance of compliance assessments, risk assessments, and controls testing
• Identify any non-compliance with regulations, bring them to management attention and work with others to manage remediation
• Work with control owners, business partners, Enterprise Cyber teams, and Legal to ensure controls are well defined and in compliance with applicable laws and regulations
• Monitoring remediation activities, report progress, and support the publishing of metrics
• Recommend and implement new processes, policies, standards or operating plans in support of strategies
• Manage small projects or processes
• Regularly provide SME support to the business unit teams

Benefits

• Whether you’re just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs.
• Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.