Cyber Security Controls Assessor

Candidates will be disqualified if the following criteria are not met:

• Employment Type: No C2C (Corp-to-Corp) or C2H (Contract-to-Hire) arrangements. W2 contract only. No referral fees will be entertained.
• Work Authorization: US CITIZEN and GREENCARD ONLY!!!
• Hybrid if based in Oakland, CA or an hour drive to Oakland, CA
• 5 years of experience in IT Compliance, IT Audit, or Governance, Risk & Compliance (GRC), preferably supporting large-scale IT projects.
• Experience using Planisware for project tracking, portfolio governance, and milestone management.
• Cybersecurity experience

Client Job Description:

Role Overview

The IT Compliance Project Specialist acts as a compliance and governance partner across the IT project portfolio. This role ensures that IT initiatives are planned, designed, and delivered in compliance with applicable regulations, company policies, and compliance standards.

Working closely with the Compliance Lead, the Specialist provides analysis, documentation, and due diligence to support risk-based decision-making and to maintain compliance throughout the full project lifecycle.

Key Responsibilities

Project Advisory & Engagement

· Serve as a dedicated compliance advisor to project managers and delivery teams.

· Identify regulatory, policy, and control requirements early in the project lifecycle and ensure they are embedded into technical designs and project plans.

Gate Review & Approval Support

· Participate in project phase-gate reviews to assess compliance readiness.

· Review project artifacts and provide formal recommendations to the Compliance Lead to support approval, conditional approval, or remediation decisions.

Compliance Lead Support

· Function as the primary support resource for the Compliance Lead.

· Assist with executive reporting, remediation tracking, and escalation of project-level compliance risks.

Regulatory & Framework Alignment

· Ensure project alignment with applicable regulations and frameworks, including SOX, CCPA, ISO 55001, and internal company standards.

· Map project controls and artifacts to regulatory requirements to support a consistent and defensible compliance posture.

Requirements:

Qualifications

Experience

· 5 years of experience in IT Compliance, IT Audit, or Governance, Risk & Compliance (GRC), preferably supporting large-scale IT projects.

Tools & Systems

· Experience using Planisware for project tracking, portfolio governance, and milestone management.

Education

· Bachelor’s degree in information technology, Cybersecurity, Business, or a related discipline.

Certifications (Preferred)

· CISA (Certified Information Systems Auditor)

· CRISC (Certified in Risk and Information Systems Control)

· CISSP (Certified Information Systems Security Professional)

· PMP (Project Management Professional)

Delivery Methodologies

· Strong understanding of the Software Development Life Cycle (SDLC).

· Experience applying compliance controls in both Agile and Waterfall delivery models.

---

Professional Skills & Attributes

· Regulatory Expertise: Ability to interpret complex regulatory and control requirements and translate them into clear, actionable guidance for technical and project teams.

· Analytical Rigor: Strong attention to detail, particularly in validating technical evidence and identifying compliance gaps or control weaknesses.

· Consultative Mindset: Ability to function as a trusted advisor while maintaining independence and objectivity when providing recommendations to leadership.

· Communication Skills: Strong written and verbal communication skills, with the ability to bridge technical delivery requirements and compliance expectations.

· GRC & Project Tool Proficiency: Experience with GRC platforms (e.g., ServiceNow, Archer) and project management tools (e.g., Jira), in addition to Planisware, to maintain visibility across projects and compliance activities.---