What are the responsibilities and job description for the Remote Cybersecurity & Audit Analyst - Mid-Level Experience position at CCI Systems, Inc.?
- Please note: Our positions are posted in multiple areas of the U.S. to attract the best talent to fill our roles. Our Corporate Office location is in Iron Mountain, MI. Unless you are within a commutable distance to, and would like the option to work from this office, this position will be 100% remote/work-from-home.
Why CCI? CCI Systems, Inc. is an Employee-Owned Telecommunications Company based in Iron Mountain, MI with 60 years of industry knowledge and experience. Our outstanding team-based work culture and environment has allowed us to grow, develop, and retain long-term employees. We offer a comprehensive benefits package, competitive pay, flexibility, paid on the job training, professional development, and inspire you to be bold, yet accountable. We value our employee’s hard work and determination and REWARD results all while having fun!
Our mission is to make life better by connecting people through innovative communication systems.
We are seeking a Cybersecurity & Audit Analyst to establish and maintain a framework to provide assurance that information security strategies are aligned with and support business objectives by creating and analyzing policy, procedure, gap assessment, remediation, and auditing to support governance and compliance. The right candidate will come from a background in cybersecurity, and possibly be certified. This candidate will also have a proven record for establishing process improvements and operating procedures related to IT governance and compliance through the results of auditing. They will also be a strong communicator, analytical thinker, and be able to work successfully with our stakeholders and leadership teams. We offer a collaborative environment with a great work culture that encourages learning and pushes you to rise to the next level!
Responsibilities
- Mature, execute and maintain a policy management lifecycle process, including develop, implement, and manage communication of security policies, control standards, best practices, guidance, and audits.
- Provide support for security governance activities, including managing communication about security policies, standards, and control frameworks.
- Continuously assess existing policies for relevancy and accuracy and partner with the business to identify and manage risks associated with policy violations and exceptions.
- Identify, assess, track and report on security risks across the enterprise. Track risk decisions and remediation plans and communicate risks to both technical and non-technical audiences.
- Identify IT security risks to the business, work with the security team on client security reviews, and drive the development of remediation plans for both when appropriate.
- Plan, manage, and maintain the organization-wide security awareness program to increase awareness of information security policies and standards through training and communication.
- Develop, implement, and lead controls framework elements supporting corporate governance.
- Maintain key metrics and leadership dashboards to assess and track the performance of the security awareness program.
- Conduct planned audits to ensure professional standards are maintained, executed, and documented. Post-audit, identifies and escalates opportunities for improvement.
- Facilitate external audits; ensure timely and accurate dissemination and receipt of audit requests.
- Assist with the design and development to facilitate procedural controls and self-audit program to monitor and ensure compliance.
- Develop and maintain a strong rapport with business users, product owners, developers, project stakeholders and executive management.
- Perform other related duties as assigned by Manager.
Qualifications We Are Looking For
- Bachelor’s Degree in Information Technology, Information Security and Assurance, Audit, or equivalent Cyber Security degree.
- Experience with NIST adoption and Governance activities strongly preferred.
- CISA – Certified Information Systems Auditor, CISM – Certified Information Security Manager, Cybersecurity Audit Certificate or other relevant cybersecurity certification strongly preferred.
- Familiarity with combining multiple compliance frameworks (i.e., NIST, SOC2, ISO 27000) strongly preferred.
- Experience in developing, executing, and maintaining a corporate governance and audit program.
- Strong understanding of IT and networking concepts.
- Familiar with agile development methodologies.
- Familiar with business process definition, documentation, and improvement.
- Familiar with document repository toolsets.
- Advanced knowledge of Microsoft Office: Excel, Word, Outlook, Teams, etc.
- Excellent verbal and written communication skills and the ability to communicate effectively across many organizational levels.
- Strong analytical problem-solving skills and highly detail oriented.
- Must embrace the CCI Systems vision, mission, culture, and characteristics of leadership.
Shift is full-time, 40 hours per week minimum, Monday – Friday, within the hours of 7:00 am – 5:00 pm CST. Further schedule considerations TBD by hiring teams. Must be flexible, and willing and able to work outside of normal business hours as needed.
Additional Information:
- Pre-employment screenings, including reliable Internet connection test, background check, and drug testing required.
-
POST-COVID-19, this position may require your physical in-office presence.
- This position may be remote/work-from-home, and can be performed anywhere in the U.S., except California, Colorado, Washington State, and New York City Metro Areas.
- We do not sponsor applicants for work visas.
CCI Systems, Inc. is an Affirmative Action/Equal Opportunity Employer.
Enterprise Schedule Analyst – Mid-Level #1763
Level #1763 - COMPASS, Inc. -
Springfield, VA
Cybersecurity Engineers (Mid level)
Axient LLC -
Washington, WA
Cybersecurity Analyst, Mid
Booz Allen -
Norfolk, VA