We are looking for a Security Engineer to join our team for a long-term contract opportunity. You will evaluate, quantify, and communicate risk across the compliance, internal controls, and cyber domains. You will establish and communicate key risk indicators and key performance indicators for our program.
You should have at least 5-8 years of experience with Department of Defense, FISMA, FedRAMP, PCI, Risk Assessment, IT audit, governance, and risk.
Additional responsibilities are as follows:
- Engage with partners in Information Security, Information Technology, and lines of business to ensure we are in compliance with Information Security policy, standards, and regulatory/statutory requirements
- Analyze and research IT-relevant policies, standards, and procedures against dedicated frameworks (NIST, ITIL, ISO) to provide guidance for driving continually effective and efficient processes
- Serve as a key team player in driving the lifecycle of regulatory engagements such as SOX, PCI, Department of Defense (DoD), GDPR, and more
- Coordinate with internal and external audit teams, as needed, to fulfill regulatory/statutory requirements
- Engage & consult with key partners to develop relationships to facilitate partnership & alignment
- Anticipate organizational impacts & understand risk associated with introducing new technologies or processes
- Manage regulatory artifact requests, collect evidence, and complete overarching engagement-related administrative tasks