Information Assurance and Compliance Analyst

View full description

Requirements:

• 3+ years of experience in developing, implementing, and managing cybersecurity policies.
• Comprehensive understanding of cybersecurity frameworks, especially NIST Cybersecurity Framework.
• Experience achieving and maintaining security compliance with standards such as DoD IL5, FedRAMP HIGH, SOC2, and ISO.
• Expertise in data classification and protection policies for IT systems.
• Capability to prepare support for compliance audits.
• Excellent communication and training skills to educate employees.
• Ability to review and drive implementation of existing policies.
• Familiarity with the Approval to Operate process.
• Relevant certifications, such as CISSP, CISM, or CIPP/US, highly desirable.

Responsibilities:

• Develop and implement comprehensive cybersecurity policies, aligning with NIST CSF and governmental standards.
• Manage compliance with security standards and ensure policies cover technical and non-technical security needs.
• Define data classification and protection requirements for IT systems.
• Collaborate with teams to integrate policies into business operations.
• Educate employees on privacy protections and security restrictions through training.
• Review and update policies in accordance with regulations and best practices.
• Support the Approval to Operate process for IT systems.
• Troubleshoot policy implementation issues.
• Stay updated on cybersecurity trends and compliance.