Malleum

Governance, Risk and Compliance Consultant

full-time

Location Type: Remote

Location: Remote • 🇨🇦 Canada

Job Level

Mid-Level, Senior

Tech Stack

Cyber Security, RPA

About the role

  • Provide guidance and support to client organizations throughout their cybersecurity maturity journey, helping them to build robust cybersecurity roadmaps.
  • Work with clients to design and implement right-sized cybersecurity controls in line with global industry, sector, and regulatory frameworks and standards.
  • Collaborate with clients’ teams to develop and implement risk treatment methodologies and plans necessary to achieve and maintain their program compliance.
  • Clearly articulate cybersecurity requirements to client organizations’ employees of all levels to ensure understanding and senior leadership sponsorship.
  • Assist organizations with the review and update of existing security policies and procedures to align with evolving requirements and best practices in cybersecurity.
  • Prepare detailed reports on the status of an organization's cybersecurity compliance.
  • Prepare and deliver thoughtful, insightful, and professional presentations to clients and internal Malleum stakeholders.
  • Keep abreast of the latest cybersecurity threats and trends, as well as updates to the relevant industry standards such as the CMMC framework.
  • Achieve utilization targets, complete projects on time and budget, and meet quality standards.
  • Study, learn, test, document, execute and seek to continuously improve scalable consulting services processes to effectively deliver customer engagements while achieving a high level of customer satisfaction.
  • Execute project planning, scheduling, and other coordination of internal and client resources to conduct interviews, meetings, and presentations.
  • Develop a thorough understanding of our solution and service offerings, sales process, marketing materials, contract and statement of work (SOW) structure, methodologies, delivery standards, work tools, and processes.
  • Pursue additional education and stay current on best practices, technical skills, and tools related to the position's duties.

Requirements

  • Post-secondary education in information technology, computer science, or equivalent combination of education and experience.
  • 5-8 years of experience in IT security, risk management, or compliance.
  • Current certification as a Registered Practitioner Advanced (RPA) or Registered Practitioner (RP) is an asset.
  • The ability to achieve a Registered Practitioner (RP) credential under the CMMC version 2.0 framework is essential.
  • In-depth knowledge of the CMMC framework, NIST SP 800-171, and DFARS 252.204-7012 regulations.
  • Relevant professional certifications such as CISSP, CRISC, CISA, CISM, coupled with advanced knowledge of a range of cybersecurity technologies and solutions.
  • Skilled and experienced in managing projects and leading consulting engagements, with a record of delivering exceptional value to clients.
  • Experience with cybersecurity systems and infrastructure design and configuration is a significant asset.
  • Superior communication and presentation skills with the ability to explain complex security concepts to non-technical staff.
  • Exceptional client-service orientation, with the ability to build trust and develop rapport with a broad range of client stakeholders, including Defense Industrial Base compliance and information system professionals.
  • Independent and autonomous, with the drive to seek out and leverage internal resources as needed, and proactively take ownership of their work and career development.
  • Excellent analysis and problem-solving skills, especially in the information systems, security, and privacy space.
  • Ability to learn new subject matter and context quickly and to maintain market and subject matter awareness.
  • Ability to understand SOWs, customer proposals, project notes, deliverables, and final reports; assimilate previous experience, relevant subject matter, data, facts, and results; and develop relevant questions for colleagues to hasten understanding of scenarios, methodologies, processes, and "lessons learned."

Benefits

  • Professional development opportunities
