Position Overview:We are seeking a highly skilled Cybersecurity Compliance Analyst to join our team. The ideal candidate will have a strong background in cybersecurity compliance, with specific experience in conducting assessments according to standards such as NIST SP 800-171 and NIST SP 800-53. This role requires expertise in policy development and implementation, particularly within large organizations encompassing both employees and contractors. Additionally, experience in navigating government contracts and implementing Governance, Risk, and Compliance (GRC) frameworks is essential.

Key Responsibilities:

• Conduct assessments and audits to evaluate compliance with cybersecurity standards, particularly NIST SP 800-171 and NIST SP 800-53.
• Develop and implement cybersecurity policies and procedures tailored to the specific needs of large organizations, ensuring alignment with industry best practices and regulatory requirements.
• Collaborate with internal stakeholders to establish effective controls and safeguards to protect sensitive information and assets.
• Provide guidance and support to ensure ongoing compliance with cybersecurity policies and regulatory requirements.
• Interface with government agencies and contractors to facilitate compliance with contractual cybersecurity requirements.
• Assist in the development and implementation of Governance, Risk, and Compliance (GRC) frameworks to streamline compliance efforts and enhance overall cybersecurity posture.
• Stay abreast of emerging cybersecurity threats, trends, and best practices to continually improve compliance strategies and procedures.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or related field. Master’s degree preferred.
• Minimum of 2 years of experience in cybersecurity compliance, with a focus on conducting assessments according to NIST standards.
• Demonstrated experience in developing and implementing cybersecurity policies and procedures for large organizations, including employees and contractors.
• In-depth knowledge of government contracts and regulatory requirements related to cybersecurity, particularly in sectors such as defense, healthcare, or finance.
• Strong understanding of Governance, Risk, and Compliance (GRC) principles and frameworks.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) preferred.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and external stakeholders.
• Proven analytical and problem-solving abilities, with a keen attention to detail.
• Ability to thrive in a fast-paced environment and manage multiple priorities effectively.