The ACI Group is committed to help you identify and match your skills and experience to the best job possible.
Take your first steps to an exciting new career.
Security Compliance Audit Analyst, Baltimore, MD
Our client is seeking a Security Compliance Audit Analyst for a Contract to Hire opportunity Baltimore, MD.
- We are seeking a Security Policy/Compliance Analyst who will develop and implement Security Policy and/or validate Security Compliance against policies to help improve the client’s ability to reduce the impact of security threats.
- The Security Policy/Compliance Analyst may assist in prioritizing, defining strategy and managing identified security Plans of Action and mitigation (POAMs). May analyze and prioritize the outcomes to develop mitigation strategies utilizing current security platforms or recommendations for new security architectures.
- The Information Systems Security Policy/Compliance Analyst keeps current on advances in the field of Federal IT, and provides analytical guidance to the project team.
- The Information Systems Security Policy/Compliance Analyst may act as a customer contact for technology, lead technical review sessions with.
- Perform as a Security Policy/Compliance analyst.
- Work onsite with the customer’s technical teams and leadership to build relationships and find ways to leverage and maximize technical investment recommendations.
- Assist with RFP technical proposal responses, as needed.
- Assist Cloud Architects in establishing a strategy and approach to transform customer infrastructure and development environment to a Cloud based solution.
- Developing Security Policies and/or ensuring Security Compliance for Cloud implementations.
- Drive security requirements for the customer, integrating multiple capabilities and scenarios supporting the cloud implementations.
- Provide Security Policy and/or Security Compliance expertise to managers and technical staff, and the customer.
- Function as a Security Policy and/or Security Compliance expert on project assignments, and must possess the ability to apply a comprehensive knowledge across key tasks and high impact assignments.
- Plan and lead Security Policy and/or Security Compliance assignments, with the potential to supervise others in doing so.
- Demonstrates strong oral and written communication skills, with the ability to communicate technical topics to management and non-technical audiences, as well as interface with the senior customers on a daily basis.
- Ensure HIPAA violations do not occur within the program by taking a proactive role in the constant vigilance and rigor to emphasize HIPAA compliance throughout all levels of the program (systems, personnel, and data). To be fully aware of all PHI/PII within their respective program and how it is protected.
- Bachelor’s degree in Business, Computer Science, Information Technology, Information Systems, Systems Engineering or related disciplines and 7 years of relevant experience or 11 years of relevant experience will satisfy the education and experience requirement.
- 3+ years of experience working as a Security Policy or Security Compliance as a Cyber Security, IT Security, or Information Assurance analyst.
- 2+ years of experience with developing security policies, processes, and procedures in the federal government.
- 2+ years of experience with assessing new security laws, policies, or standards to determine program-level impact.
- 2+ years of experience with the NIST Risk Management Framework and SP 800 issuances, continuous monitoring, and information system security policies, standards, and procedures.
- Must have a solid understanding of cloud deployment, security policy requirements and assessments, and service models as defined by the National Institute of Standards and Technology (NIST).
- Ability to perform an IT audit and develop a comprehensive risk assessment process; on multiple CSPs and services offerings such as Microsoft Office 365 and SharePoint.
- Ability to obtain a position of public trust.
- Security+ Certification or other Professional security or auditing certifications a plus: CISSP, CISA, GIAC, SSCP, CIPP, CIA, CSCS.
- Technical awareness of FedRAMP, FISMA, NIST, RMF and Federal Government Certification and Accreditation (C&A) process.
- Experience with responding to external audits and developing remediation plans.
- Only those individuals selected for an interview will be contacted.
- No calls, inquiries, or Third Party Vendors please.
- We are an equal opportunity employer (Unable to sponsor H1B Visas).
Since 1988, The ACI Group, a Baltimore-based IT staffing firm, has been committed to hiring the industry’s leading professionals, and presenting exciting career opportunities. We have access to varied types of contract, permanent and contract-to-perm positions and offer a choice of employment options including a full benefits package.
Submit your resume for this job