IT Security Federal Compliance Technical Lead

Job Family:

Travel Required:

Clearance Required:

What You Will Do:

The Cybersecurity Federal Compliance Technical Lead is a member of the Governance Risk and Compliance team within the office of the CISO. This position will focus on federal compliance relating to NIST 800-171, CMMC, and NIST 800-53 frameworks. Working with other compliance team members, information technology, and business unit functions, the Federal Compliance Technical Lead will be responsible for reviewing the Guidehouse control environment (infrastructure, systems, applications, etc.) and corresponding processes to confirm they are aligned to relevant regulations as well as Guidehouse policies and standards. The Federal Compliance Technical Lead will perform control assessments by interviewing stakeholders, gathering evidence and documentation and assessing if there are any gaps.

Additionally, this role will have input into risk assessments and issue documentation/tracking to support the full lifecycle of Compliance operations. We are a service-oriented group and you will actively engage with technical and compliance teams such as legal and various business units, etc. to perform and advance Guidehouse federal compliance initiatives. To do this, you will be hands-on and help drive processes and procedures with other IT security professionals dedicated to the mission and vision of Guidehouse IT Security operations.

In this role you will:

• Act as a cybersecurity liaison and align/mature our IT Security compliance process with IT, Internal Audit, business organizational units and external audit.
• Manage the full life cycle of document requests, scheduling and participation of audit walk throughs.
• Stay up to date with changes to NIST and CMMC programs as well as other applicable federal programs.
• Manage and coordinate identified issues and findings across compliance related activities and ensure they are documented and tracked for remediation.
• Oversee and enhance the continuous monitoring plan specific to NIST and CMMC. Report results on a quarterly basis to leadership.
• Perform reviews of IT Security controls by performing control and risk assessments of processes, procedures, policies, system configuration, etc. to document control effectiveness from both a design and operating effectives perspective.
• Need to be able to work East Coast US business hours

What You Will Need:

• Bachelor’s Degree and minimum 6 years of experience; OR 10 years of experience in lieu of degree
• U.S. citizenship
• Experience assessing NIST SP 800-171 controls against the NIST SP 800-171a ‘Determine if statements’ in a large corporate environment
• Strong knowledge and current awareness of the CMMC framework and requirements
• Experience assessing NIST SP 800-53 controls
• A highly motivated individual with strong project management skills, organization, oral and written communication skills
• High attention to detail
• At least one of the following security certifications:
  • ISC2 Certified Information Security Professional (CISSP)
  • ISACA Certified Information Security Manager (CISM)
  • ISACA Certified Information Systems Auditor (CISA)

What Would Be Nice To Have:

• Experience working with Governance Risk and Compliance tools beyond the manual processes of excel sheets, folders, and emails
• Experience with Microsoft Azure Compliance Center
• Working knowledge of Active Directory, Exchange, SharePoint, and Teams
• Demonstrated ability to learn and document new technologies/solutions
• Experience with ServiceNow is a plus
• Experience working in an ITIL environment
• Preference will be given to candidates who are located within 50 miles of a Guidehouse office.

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Position may be eligible for a discretionary variable incentive bonus

• Parental Leave and Adoption Assistance

• 401(k) Retirement Plan

• Basic Life & Supplemental Life

• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts

• Short-Term & Long-Term Disability

• Student Loan PayDown

• Tuition Reimbursement, Personal Development & Learning Opportunities

• Skills Development & Certifications

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Emergency Back-Up Childcare Program

• Mobility Stipend

About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.