Full-Time Information Security Accreditations Specialist

The Accreditations Specialist establishes and coordinates Accreditation activities throughout the year as a well-rounded program. You will work with technical and business experts, explain audit needs and processes, and guide remediation efforts. You will mandate partnerships with governance, compliance, and risk management teams to ensure the environment meets the requirements for certification and accreditation.

You'll have the opportunity to:

• Coordinate compliance with specific standards, such as PCI, HIPAA, ISO 27001, SOC 1/2/3, and FISMA/FedRAMP with guidance.
• Maintain evidence repositories and work with SMEs to refresh artifacts.
• Coordinate audits and certifications, and partner with client support to develop timelines and resources for accreditation projects.
• Collaborate with partners to establish and maintain the program and governance framework, develop metrics to demonstrate compliance, flag risks, and communicate effectiveness to management.
• Establish, document, maintain, and communicate project scope, milestone plans, risks, and issues, using them to ensure agreement across the program.
• Partner with the policy and standards team to incorporate changes into the enterprise policy document based on compliance assessment results.
• Follow up on deficiencies identified in reviews and external audits to ensure appropriate remediation measures have been achieved; track mitigation steps and ensure that risks are managed promptly.
• Coordinate a complex group of projects related to post-audit or readiness activities under the guidance of the Director.

Your background:

• Bachelor's degree in Computer science or relevant field or equivalent experience.
• Experience in the information security standards area and familiarity with common security frameworks (CIS benchmark, NIST 800-53, ISO27002, CSA Cloud Controls Matrix (CCM)).
• 3+ years of experience with cloud platforms such as Amazon Web Services (AWS), Azure, or Google Cloud Platform (GCP).
• Understanding of specific security standards such as PCI, HIPAA, SOC 1/2/3, ISO 27001/2, FISMA/FedRAMP, CCM, NIST.
• Experience coordinating similar compliance audit programs and auditing cloud and hybrid environments.
• Experience running projects end-to-end
• IT and Security Operations expertise required: knowledge of Windows/Linux/Unix operating systems, authentication methods, firewalls, routers, web services, cloud security.
• Knowledge of formal Project Management methodologies such as PMP, CAPM, Agile, Lean Six Sigma, Scrum, and SAFe.
• Plus: Experience working with the RSA Archer eGRC application and other collaboration tools.

What is the last date for applying to the job?

Which countries are accepted for this remote job?