Jobs · Finance · Massachusetts

Compliance Specialist

Aquila Technology · Lexington, MA · 1 wk ago
FinanceFull-time

About the role

Aquila Technology is seeking a IT Security Risk Auditor to join its team in support of one of the nation’s premier defense research organizations. The teams overall mission is to enable research and development while keeping the organizations community safe and secure through the protection of information, network, facilities and personnel.

Responsibilities

  • Perform audits of classified and unclassified Information Systems (IS) to ensure they are being maintained in a compliant manner and are following applicable laws and government regulations, such as NISPOM guidelines regarding the protection of classified information systems, NIST standards and special publications, CMMC, DAAPM, and organizational Information System Security Procedures.
  • Conduct comprehensive assessments of the management, operation, monitoring, and technical security controls employed within or inherited by Information Systems to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome).
  • Validate compliance with various government regulations and organizational Information Security policies.
  • Support preparation for audit/review activities.
  • Identify potential compliance issues and recommend policy/procedure changes.
  • Support DCSA facility compliance reviews and security audits.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, Computer Information Systems, or related field is required with a minimum of seven (7) years’ experience conducting risk assessments.
  • Experience in compliance auditing, security reviews, or vulnerability assessments.
  • Technical experience and skills, course work completed toward a degree, and industry IT certifications (i.e., CISSP, CISA) may be considered substitutes for education and experience.
  • In-depth knowledge of information security principles and policies such as Risk Management Framework (RMF) as presented by the National Institute of Standards and Technology (NIST), NIST SP 800-171, and Security Technical Implementation Guides (STIGs).
  • The ability to read, understand, and apply government regulation, policies, and procedures such as the National Industrial Security Program Operating Manual (NISPOM), 32 CFR Part 117, FAR/DFARS Safeguarding CUI series (252.204-7012, etc.), computer security principles and policies, to include, Security Technical Implementation Guides (STIGs) and NIST 800-53 / Risk Management Framework (RMF) and NIST SP 800-171.
  • Working experience directly related to Assessment and Authorization using at least one of the following: NIST 800-53/Risk Management Framework (RMF), Joint Special Access Program (SAP) Implementation Guide, NIST SP 800-171, Understanding of CMMC Framework, National Industrial Security Program Operating Manual (NISPOM) Chapter 8.
  • Preferred: Information Assurance Certifications preferred (CISSP, CISA, Security+, CCP/CCA, or other industry-recognized Certification that validate knowledge in Cybersecurity framework or equivalent).

Qualifications

  • Must be able to obtain an Active Secret Clearance to be considered.
  • Must be US Citizen.

Skills

  • Strong Verbal and Written Communication
  • Strong Time Management

Benefits and Perks

  • PTO – 15 days (vacation/sick)
  • 10 paid holidays – 6 standard (New Year’s, Memorial Day, Independence Day, Labor Day, Thanksgiving, and Christmas) – 4 floating holidays prorated based on your day of hire: 1.5 paid days, or 12 hours, for approved volunteer work
  • 1 week of paid maternity/paternity LOA after 1 year of Full-time employment
  • Tuition & Training Reimbursement- 5K annually for pre-approved, Eligible full-time team members who have completed a minimum of six (6) months of employment may apply for tuition reimbursement for approved, job-related courses taken through an accredited college or university. Team members must achieve a grade of “B” or better to qualify for reimbursement.
  • Aquila will reimburse team members who work from home ONLY for cell phone, data, and home internet expenses. Employees eligible for this benefit must work remote 2 days a week or more to qualify.
  • Buy Your Own Device (BYOD) – Team members are eligible for reimbursement of up to $1,500 every three (3) years for the purchase of electronic equipment used to access corporate services. To qualify for this benefit, employees must have completed a minimum of six (6) months of employment and must agree to and sign the Device Minimum Configuration Form prior to reimbursement.
  • Electronic devices eligible under the Buy Your Own Device (BYOD) program are limited to cell phones, laptops, and tablets.

Pay

Salary range: $80,000 - $120,000 DOE

Schedule

This position will be predominantly onsite for the first 3-4 months (probably 4 days/wk onsite). After the initial ramp up period, there may be an opportunity for more remote, 2-3 days/week. Long term, candidate must be comfortable with being onsite at least 2+ days and as needed for the project work.

Similar jobs

Compliance Specialist

Archdiocese of ChicagoChicago, IL· 1 wk ago
Finance$53k–$65k/yrapply on recruiting2.ultipro.com

Compliance Specialist

McMichael Taylor Gray, LLCPeachtree Corners, GA· 2 mo ago
Financeapply on recruiting.paylocity.com