Campus Pride Jobs

Senior Information Security Compliance Analyst Maple Grove, MN, USA * Virtual Req #555 Tuesday, November 26, 2024 DRC is one of the largest educational assessment and curriculum/instruction companies in the industry. Senior Information Security Compliance Analyst Data Recognition Corporation, Maple Grove, MN Company cannot provide sponsorship for this position Please, no agencies Summary: This position is part of the Data Recognition Corporation (DRC) Information Security Team that has an important role in the defining and enabling the secure operation of the DRC environment. This position has responsibility for managing and leading various risk and compliance activities, including internal and external security reviews that are key to validation of our security program. This position also assists with other aspects of the security practice, including maintaining DRC's security policies, standard and procedures; increasing the organizations security awareness; performing risk assessment and risk management activities; and promoting business continuity and resiliency efforts. Responsibilities: This position will manage/lead a wide range of compliance and risk functions, with the focus being on maintaining and enhancing our compliance maturity. Key responsibilities include: Obtain and maintain Authority to Operate (ATO) approvals for government contracts by adherence to NIST Risk Management Framework (RMF) Support cybersecurity efforts to include the development and management of System Security Plan (SSP) documentation, Plans of Action and Milestones (POAMs), assessing and auditing systems security controls, and continuous monitoring activities Manage internal and external annual audits (third party and customer) FISMA NIST ISO 27000 series SOC II Type 2 Various customer audits Maintain and drive remediation on Plan of Action and Milestones (POAM) Policy and standard development and review Lead security risk management and exception processes Manage and enhance Business Continuity/Disaster Recovery processes Update and maintain security and compliance metrics Essential Qualifications 5+ years of Information Security, GRC, or Compliance experience Experience working with DoD/Government Deep knowledge in NIST 800-53 and NIST 800-171 frameworks Working knowledge of the following: Risk Management Framework (RMF), compliance with security technical implementation guides (STIGs), reviewing automated vulnerability scans, documenting Plan of Action and Milestones (POA&M) Experience leading and managing a SOC 2 Type II compliance audit Possesses a high level of personal integrity and the ability to discreetly handle sensitive, personal, and classified information. Must have excellent communication skills and the ability to work well in a team and across the organization, in addition to independently driving initiatives. Preferred Qualifications Four-year college degree in IT, Computer Science, Cybersecurity Internal or External Audit or Compliance experience Experience with Federal Information Security Management Act (FISMA) leveraging National Institute of Standards and Technology (NIST) security controls (NIST 800-53, rev 4/5). Security certification such as Certified Information Security Auditor (CISA) and/or Certified in Risk and Information Security Controls (CRISC) Experience with ISO 27001 certification Experience supporting and participating in third party vendor security assessments and audits, reviewing audit findings as well as responses to security findings and remediation plans. Ability to manage cross-functional projects and initiatives as required. Reporting to this position: No direct reports The Employer retains the right to change or assign other duties to this position Company cannot provide sponsorship for this position Please, no agencies DRC offers a comprehensive benefits program that allows employees to make choices that best meet their current and future needs. We offer many benefits, including medical, wellnes , dental, and vision insurance, a 401(k), flexible spending and health savings accounts, short and long-term disability insurance, and life insurance. DRC also offers a generous paid time off policy and community service leave. Data Recognition Corporation is an Affirmative Action/Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Other details Job Family Info Tech/Info Sys Pay Type Salary Travel Required No Required Education High School Job Start Date Tuesday, November 26, 2024 Apply Now Maple Grove, MN, USA Virtual Share this job: Data Recognition Corporation is an Affirmative Action/Equal Opportunity Employer, M/F/Disabled/Veteran