What are the responsibilities and job description for the Security Compliance Consultant (NIST) position at SP6?
Own The Role:
SP6 is looking for a Compliance SME wanting to take the next step in their career! In this role, you will help to spearhead a one-of-a-kind CMMC platform to automate evidence collection.
Being our first Compliance expert, you will see your impact across the company as you take ownership of building deliverables, training other consultants, and advising our platform team on the different compliance rules.
From there, you will be the go-to consultant supporting Fortune 2000 companies to ensure they are CMMC and/or NIST 800-171 compliant. You will accomplish this by providing pre-audit readiness assessments and post-assessment plans of action and milestones (POAM).
How You’ll Drive Success:
- Supporting the platform team and advising them on which rules get built into SP6’s CMMC software:
- Up to 50% of the role initially and then sliding down to 25% +/-.
- Providing insight into typical compliance workflows and how they can be streamlined within the platform
- Leading cybersecurity readiness assessments including maturity assessments using the Cybersecurity Maturity Model Certification (CMMC) model.
- Up to 75%: supporting the day-to-day activities of engagements for clients, including system development, readiness assessments, and platform reviews.
- Providing customers with Supplier Performance Risk Score (SPRS).
- Understanding of control standards NIST 800-171, CMMC, and control testing strategies.
- Applying cyber compliance/risk management knowledge, control principles, and technical knowledge across cyber risk and compliance engagements.
- Develop and deliver training to internal teams and customers.
- Consulting with end clients to gather requirements and understand our client's key business and security challenges. Working with team members to advise on practical and cost-effective solutions to help mitigate our clients’ cybersecurity risks and challenges
- In-depth knowledge of relevant security regulatory compliance requirements and translating those into business processes and security controls to enhance and support clients’ compliance and audit capabilities.
- Articulating and defending IT controls testing approach and performing tests of design and operating effectiveness
- Establishing and maintaining effective working relationships with colleagues, existing clients, and prospective client organizations.
To Be Successful:
- 3 years of experience testing and documenting IT security controls including experience managing and facilitating client control testing efforts
- 1 year of experience leading external and internal auditors, e.g., CMMC
- 2 years of experience creating technical documentation and compliance reports
- CMMC Certified Assessor, Certified Professional, or Registered Professional
Why SP6?
- Recognized as one of North America’s top professional service partners.
- The chance to be part of a winning team and a premier Splunk partner.
- Competitive salary and OTE.
- 100% employer-paid health insurance (Gold-rated plan).
- 401(k) with company match.
- 30 days of annual paid time off (4 weeks Paid Time Off + Holidays)
- Significant Training and Development and Certification attainment.
- Opportunity for long-term career advancement.
- Your contributions are felt and recognized by our growing company.
- Grown over 100% in the last 2 years.
About SP6:
SP6 is a niche technology firm advising organizations on how to best leverage the combination of big data analytics and automation across three (3) distinct practice areas:
- Cybersecurity Operations and Cyber Risk Management (including automated security compliance and security maturity assessments).
- Fraud detection and prevention
- IT and DevOps Observability and Site Reliability
Each of these distinct domains is supported by SP6 team members with subject matter expertise in their respective disciplines.
SP6 provides Professional Services as well as ongoing Co-Managed Services in each of these solution areas. We also assist organizations in their evaluation and acquisition of appropriate technology tools and solutions. SP6 operates across North America and Europe.