What are the responsibilities and job description for the Cybersecurity Compliance Lead (Huntsville, AL) position at Integrated Solutions for Systems (IS4S)?
Description:
The Cybersecurity Compliance Lead (CCL) is responsible for maintaining and maturing the company's cybersecurity program. The CCL must be able to demonstrate familiarity and/or experience with security frameworks such as National Institute of Standards and Technology (NIST) 800-53 or 800-171, Risk Management Framework (RMF), Cybersecurity Framework (CSF), CIS Critical Security Controls (CIS Controls), Defense Federal Acquisition Regulation Supplement (DFARS), and Cybersecurity Maturity Model Certification (CMMC). The CCL will collaborate and coordinate cyber-related activities with company stakeholders, oversee cyber risk and incident management, and conduct and coordinate internal and external cybersecurity assessments.
Job Role(s):
Ensure compliance with CMMC certification
Conduct internal cybersecurity assessments
Lead external cybersecurity assessments
Document existing risks, exposure, and impact
Document risk mitigation, remediation, and continuity plans
Lead and document Configuration Control Board (CCB)
Lead cybersecurity configuration lifecycle management
Oversee cyber incident management
Report cyber incidents to the appropriate government entities
File reports on multiple government systems of record
Ensure all reporting is within regulated guidelines
Collaborate and update System Security Plan (SSP)
Collaborate and update policies and procedures
Conduct cybersecurity briefings with company stakeholders
Interface with government entities on cybersecurity matters
Conduct training of employees
Required experience:
Subject Matter Expert (SME) in Cybersecurity Compliance
Experience leading information security engagements
Experience with DFARS, NIST, and CMMC assessments
Experience with leading teams and project management
Must possess one or more of the following: Certified CMMC Professional (CCP), Certified CMMC Assessor (CCA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent certification
Minimum Education Requirement:
CCP, CCA, CISSP, CISM, CISA, or equivalent
IS4S is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, disability status, sexual orientation or gender identity.