Job title: IT Security Compliance Analyst
Company: Dovel Technologies
Job description: Job Family: IT Cyber Security
Travel Required: Up to 10%
Clearance Required: None
What You Will Do:
The Security Compliance Analyst is a member of a service-oriented team with upwards to six (6) personnel within the Information Security Compliance team that are focused on framework compliance for the following frameworks: ISO 27001, ISO 20000, NIST 800-171, CMMC, HIPAA, HITRUST, and IT General Controls. Other services in scope of the Information Security Compliance team include management of the Governance Risk and Compliance solution, continuous monitoring, evidence assessment, and client audits. Effectively supports and executes multiple or more complex IT Security Compliance projects that may span company-wide initiatives within scope, timeline, and budget. Applies technical knowledge to innovation and performance improvement while demonstrating critical thinking and sound logic when assessing problems and opportunities in generating solutions. Accountable for ensuring the day-to-day operations of maintaining and protecting Guidehouse and Client data to the NIST SP 800-171 standards with the management of the compliance and execution of the all Guidehouse compliance programs. Reports directly to the IT Security Compliance Manager.
- Achieves operational targets within IT Security Compliance area with direct impact on results
- Executes daily work within existing procedures and guidelines
- May influence other technical staff through explanation of facts, policies and practices related to job area
- Communicates with contacts typically within the project area or technical department on matters that involve obtaining or providing information requiring some explanation or interpretation in order to reach agreement
- Entry to established level technical individual contributor
- Builds on knowledge of an industry or segment and works to deepen experience across a range of projects
- Follows operating guidelines and identifies recommended enhancements in processes to improve effectiveness of IT Security Compliance area
- Works under close to limited supervision on small to midsize projects or assignments
- Requires general instructions for new lines of work or special projects
- Assists with the implementation and executes on technical initiatives and solutions
- Relies on limited experience and judgment to plan and accomplish assigned tasks and goals
What You Will Need:
- United States Citizenship
- Bachelor’s Degree desired
- Minimum 2-4 years of prior relevant experience; (Relevant experience may be substituted for formal education or advanced degree)
- Shall possess one or more of the following certifications:
- (ISC)2 Certified Information Security Professional (CISSP)
- ISACA Certified Information Security Manager (CISM)
- ISACA Certified Information Systems Auditor (CISA)
- ISO 27001 Certified Lead Auditor
- ISO 9001 Certified Lead Auditor
- Project Management Professional (PMP)
- Security+
- Must be able to work East Coast US business hours
- Experience supporting Microsoft Windows 10 operating system
- Experience supporting Microsoft Azure and O365 cloud environments
- Experience supporting Amazon AWS cloud environments
- Experience working with one or more of the following audits:
- NIST SP 800-171
- NIST SP 800-53
- Supplier Performance Risk System (SPRS)
- Cybersecurity Maturity Model Certification (CMMC)
- Federal Risk and Authorization Management Program (FEDRAMP)
- HIPAA
- HITRUST
- ISO 9001
- ISO 27001
- ISO 20000
- UK Cyber Essentials / UK Cyber Essentials Plus (+)
- IT General Controls
- Experience documenting processes and procedures to comply with required NIST and IT standards
- Working knowledge of risk governance and mitigation strategies with vulnerability management, phishing simulation training, and 3rd party penetration tests (internal and external)
- Ability to work on many concurrent and changing priorities flexibility is a must
- Action-oriented and able to manage and meet aggressive timelines and deadlines
- Must have excellent organizational and time management skills
What Would Be Nice To Have:
- Experience working with Governance Risk and Compliance tools beyond the manual processes of excel sheets, folders, and emails
- Working knowledge of Qualys
- Experience with PCI and SOC controls
- Experience with Microsoft Azure Compliance Center
- Working knowledge of Active Directory, Exchange, SharePoint, and Teams
- Demonstrated ability to learn and document new technologies/solutions
- Experience with ServiceNow is a plus
- Experience with Cyber Security ScoreCards such as: Security ScoreCard, BitSight, etc.
- Experience working in an ITIL environment
The annual salary range for this position is $66,700.00-$100,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Position may be eligible for a discretionary variable incentive bonus
Parental Leave and Adoption Assistance
401(k) Retirement Plan
Basic Life & Supplemental Life
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
Short-Term & Long-Term Disability
Student Loan PayDown
Tuition Reimbursement, Personal Development & Learning Opportunities
Skills Development & Certifications
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Emergency Back-Up Childcare Program
Mobility Stipend
About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.
Expected salary: $66700 – 100000 per year
Location: Atlanta, GA