IT Security Compliance Specialist

A3 Technology, Inc. is seeking a Security Compliance Specialist to join our Infrastructure Support team’s Data Centers group. The Specialist will standardize documentation, review and remediate security audit findings and work with the technical team to implement compliance improvements and security controls. 

This position is 100% onsite.

Responsibilities:

• Integrate security compliance into a Continuous Integration/Continuous Deployment (CI/CD) toolchain.
• Develop and apply rulesets based on NIST 800-53 Revision 5. 
• Use SOAR (Security Orchestration, Automation and Response) to streamline security operations in three key areas: threat and vulnerability management, incident response and security operations automation.
• Review and remediate security audit findings via Plans of Action and Milestones (POAM).
• Review monthly vulnerabilities reports and work with the technical team to remediate them.
• Analyze data from vulnerabilities reports and audits to determine reporting criteria, trends and efficiency opportunities.
• Write scripts using PowerShell to automate recurring actions.
• Provide monthly, quarterly and annual reporting as needed.
• Tailor report content based on audience.

Skills Required:

• Experience applying NIST 800-53.
• Experience creating “ConMon” or continuous monitoring.
• Experience working with DevOps toolchains in GitHub.
• Experience applying SOAR.
• Experience using Confluence.
• Experience integrating security compliance into a CI/CD chain.
• Experience presenting ideas in business-friendly and user-friendly language.
• Experience resolving technical issues and implementing strategies to prevent recurrence.
• Experience writing PowerShell scripts.
• Experience creating reports for multiple audiences, e.g. technical, executive, etc.
• Experience tracking and resolving incidents via ticket queue (ServiceNow and JIRA preferred). 
• Excellent written and communication skills. 
• Self-motivated to take ownership of projects. 

Skills Preferred:

• Experience working with a large organization (>35,000 customers).
• Experience collaborating with peer and client teams. 
• Experience supporting Data Centers/Hosting environments.
• Certified Information Systems Security Professional (CISSP).
• Certified Information Security Manager (CISM).
• Certified Information Systems Auditor (CISA).

Education:

• HS diploma/GED and 14 years IT experience OR
• Bachelor’s degree in Information Systems, Computer Science, IT or related field and 8 years IT experience.

Additionally, US Citizenship or documented proof of eligibility to work in the US is a must. Upon receiving a conditional offer of employment, candidates will undergo a Government investigation and must meet eligibility requirements for Government clearance. Verification of past employment, education and references is also required. It is imperative that candidates be either a US citizen or a current green card holder with the last 3 consecutive years as a resident of the US.

At A3 Technology, Inc., we take pride in being an Equal Opportunity Employer (EEO) and Affirmative Action (AA) employer. We're committed to considering all qualified candidates for employment without regard to race, religion, color, sex, sexual orientation, gender identity, age, protected veteran status, disability, national origin, genetic information or any other protected status.