We are seeking a passionate and talented Compliance Engineer to join our client's Cloud Engineering team supporting their customers and service groups. This individual will oversee the day-to-day operations of compliance services. The Compliance Engineer is responsible for leading the planning, scoping, execution and reporting of audits based on compliance standards and frameworks related to various business units and external customers. As part of the Cloud Engineering team, you will report to the Director of Cloud Security and Compliance Services.
The Compliance Engineer will leverage engineering, operational, and analyst team input, while providing thought leadership in assisting our partners, educational institutions, state, local, and government agency customers to enable them to move their workloads and heavily regulated data into the cloud. This will be done by addressing their specific security and compliance requirements. The Security Compliance Lead will develop high-level strategies to address overall risk to IT systems and customer data through recommendations to IT systems owners and management. This candidate should be a technically experienced information security professional who can translate technical security solutions to address a wide range of IT security, privacy and compliance challenges. This Security Compliance Lead will directly partner with customers in adapting their security control framework to enable them to move their sensitive workloads to the cloud environment.
This position requires significant hands-on experience with the compliance standards. The candidate will ensure that Assessment and Authorization processes are followed, and documentation is accurate and complete for all applicable compliance frameworks within the organization. The individual should have strong interpersonal skills and be willing to take initiative in a dynamic, client-facing environment.
Responsibilities:
· Analyze and recommend solutions for information security related issues based on experience and security best practices for IT systems, services, applications and products
· Participate in public sector regulatory security assessments and authorizations with teams and customers. This includes determining control requirements, recommending and pursuing alternative approaches to assist customers in developing compliance roadmaps
· Partner directly with clients to review compliance documentation, requirements, and assist with the understanding of control implementations within the client's environment
· Work with clients to resolve concerns and to understand how compliance is achieved while operating IT in the cloud through delivery of training, deep dive discussions, strategic presentations/recommendations, and hands-on demonstrations of compliance in the environment.
· Keep Compliance Advisory leadership team fully informed of customer engagement status, issues, and activities.
· Understand cloud-based engineering implementations and enterprise information system flow
· Support the deployment and integration of security and compliance related within a client's cloud infrastructure.
· Provide proactive mitigation steps for infrastructure and application vulnerabilities and recommend compensating controls
Preferred Requirements:
· Familiarity with Cloud Computing models (IaaS, PaaS, SaaS)
· Understanding of Infrastructure, Platform and Application Layer Security implementation
· Familiarity with common security tools, MFA, Web services
· Excellent oral and written communication skills
· Ability to think critically and be responsive to time sensitive requests
Bachelor's degree in Information systems, related discipline or equivalent experience
Compensation:
$70/hr to $90/hr
Exact compensation may vary based on several factors, including skills, experience, and education.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401K retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/
· Minimum 5+ years of experience with operations auditing, risk management, IT Compliance, Information Security, IT program or project management and/or technology.
· At least 3+ years of experience in Security and Compliance domain
· Hands-on experience with the FISMA/FedRAMP compliance standards and the ability to apply the NIST Risk Management Framework.
· Understands how to utilize NIST and FedRAMP documentation including SP 800-30, SP 800-37, SP 800-53, SP 800-39, FIPS 199, FIPS 200, OMB A-130.
· Experience in performing and/or participating in technical assessments in direct support of compliance efforts such as FedRAMP, HIPAA, PCI, GxP, SOC2, ISO27001, ISO27002
· Experience in developing and reviewing system security plans, information security policies and procedures, contingency plans, incident response plans, etc.
· Experience in the review and advisement of continuous monitoring activities (POA&Ms, vulnerability management, Incident Response, Significant change etc.)
· Experience defining compliance roadmaps based on customer requirements, security documentation and ensuring that committed deliverables are on schedule.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.