Jobs · Information Technology · Virginia

Information Security Compliance Specialist

Securiport · Reston, VA · 2 mo ago
On-siteInformation TechnologyFull-time

Job Summary

The Information Security Compliance Specialist is responsible for identifying risks and ensuring the organization remains compliant with industry standards, relevant laws, and regulations. This role is instrumental in maintaining ISO 27001 and ISO 27701 certifications, as well as achieving and sustaining compliance with NIST 800-171.

Essential Functions

  • Own and maintain ongoing compliance with ISO 27001, ISO 27701, GDPR, and NIST 800-171 requirements

  • Prepare for, coordinate, and support internal and external security audits, including evidence collection and remediation tracking

  • Conduct risk assessments, identify compliance gaps, and recommend corrective actions

  • Develop, implement, and continuously improve information security policies, procedures, and controls

  • Maintain audit artifacts, compliance documentation, and records to support certifications and assessments

  • Partner closely with IT, Security, and cross-functional teams to align compliance initiatives with security operations

  • Act as the primary liaison with auditors, regulators, and third-party assessors

  • Support incident response activities by ensuring proper compliance documentation and reporting

  • Deliver training and guidance to employees on security policies and best practices

Required Knowledge, Skills, Abilities

  • Strong working knowledge of ISO 27001, ISO 27701, and NIST 800-171 compliance frameworks

  • Solid understanding of cybersecurity frameworks, regulatory standards, and industry best practices

  • Proven ability to author and maintain security policies, procedures, and documentation

  • Strong analytical skills with the ability to translate compliance requirements into actionable remediation plans

  • Excellent organizational and project management skills to track multiple compliance initiatives

  • Clear, effective communication skills for training and cross-functional collaboration

Required Education, Certifications/Licenses, Related Experience

  • Bachelor’s degree in Information Security, Cybersecurity, Compliance, or a related field (or equivalent experience)

  • 3+ years of experience in information security compliance, risk management, audit, or a related role

  • Hands-on experience with ISO 27001, ISO 27701, NIST 800-171, and GDPR

  • Relevant certifications preferred: CISA, CISM, CISSP, ISO 27001

  • In lieu of a degree, 8+ years of relevant experience will be considered

Physical Job Requirements

  • Ability to work in an office environment with extended periods of desk work

  • Occasional lifting of equipment or documentation materials

  • Availability to respond to compliance-related matters outside normal business hours when needed

Travel Requirements

  • Occasional travel for training, conferences, or collaboration with remote teams

  • Travel may include car, air, or train

Similar jobs