Full-Time Information Security Accreditations Specialist

The Accreditations Specialist establishes and coordinates Accreditation activities throughout the year as a well-rounded program.

You will work with technical and business experts, explain audit needs and processes, and guide remediation efforts. You will mandate partnerships with governance, compliance, and risk management teams to ensure the environment meets the requirements for certification and accreditation.

Responsibilities include:

• Coordinating compliance with specific standards (PCI, HIPAA, ISO 27001, SOC 1/2/3, FISMA/FedRAMP).
• Maintaining evidence repositories and refreshing artifacts with SMEs.
• Coordinating audits and certifications, and developing timelines and resources for accreditation projects with client support.
• Collaborating to establish and maintain the program and governance framework, developing metrics, flagging risks, and communicating compliance effectiveness to management.
• Establishing, documenting, maintaining, and communicating project scope, milestone plans, risks, and issues to ensure agreement across the program.
• Partnering with the policy and standards team to incorporate changes into enterprise policy based on compliance assessment results.
• Following up on deficiencies identified in reviews and audits to ensure remediation, tracking mitigation steps, and ensuring prompt risk management.
• Coordinating complex projects related to post-audit or readiness activities under guidance.

Qualifications:

• Bachelor's degree in Computer Science or relevant field or equivalent experience.
• Experience in information security standards and familiarity with common security frameworks (CIS benchmark, NIST 800-53, ISO27002, CSA CCM).
• 3+ years of experience with cloud platforms (AWS, Azure, GCP).
• Understanding of specific security standards (PCI, HIPAA, SOC 1/2/3, ISO 27001/2, FISMA/FedRAMP, CCM, NIST).
• Experience coordinating similar compliance audit programs and auditing cloud and hybrid environments.
• Experience running projects end-to-end.
• IT and Security Operations expertise (Windows/Linux/Unix, authentication methods, firewalls, routers, web services, cloud security).
• Knowledge of formal project management methodologies (PMP, CAPM, Agile, Lean Six Sigma, Scrum, SAFe).
• Plus: Experience with RSA Archer eGRC and other collaboration tools.

What is the last date for applying to the job?

Which countries are accepted for this remote job?