Senior Security Assurance Engineer
MathWorks · Natick, MA · 3 wk ago
HybridInformation TechnologyFull-time
Responsibilities
- Conduct comprehensive audits of security controls in accordance with NIST 800-171, NIST 800-53, and CMMC guidelines.
- Evaluate the effectiveness of security measures and identify areas for improvement.
- Ensure ongoing compliance with federal and industry standards.
- Develop and maintain documentation related to compliance activities and findings.
- Provide recommendations for risk mitigation and control enhancements.
- Affiliate in the development and implementation of security policies and procedures aligned with regulatory requirements.
- Support the lifecycle management of compliance-related documentation.
- Conduct training sessions to raise awareness about compliance requirements and best practices.
- Stay updated on the latest developments in NIST and CMMC standards.
- Work closely with cross-functional stakeholders across various departments such as IT, Engineering, HR, Legal to address compliance gaps.
- Communicate audit results and recommendations to stakeholders and senior management.
Requirements
- A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.
- Strong knowledge of software development processes, on-prem and cloud-based infrastructure, cybersecurity, network security, risk management, application security, and third-party management.
- Proven experience in security compliance auditing and cybersecurity frameworks, particularly with NIST 800-171, NIST 800-53, and CMMC.
- Excellent analytical, problem-solving, and communication skills, with a demonstrated ability to collaborate across teams and roles.
- Relevant certifications such as CISA, CISSP, or CMMC-AB Assessor are preferred.