Security Compliance Officer

Security Compliance Officer 1418386

• Hourly pay: $85/hr
• Worksite: Leading university (Redwood City, CA 94063 - Hybrid, Must be onsite a few days each quarter)
• W2 Employment, Group Medical, Dental, Vision, Life, Retirement Savings Program, PSL
• 40 hours/week, 6-12 Month assignment

A leading technology company seeks a The ideal candidate will lead the overall (National Institute of Standards and Technology) NIST readiness effort to support the research community, with a particular focus on compliance with (National Institutes of Health) NIH requirements, Cybersecurity Maturity Model Certification (CMMC), and NIST SP 800-171 standards. The company offers a family-oriented culture and environment!

Security Compliance Officer Responsibilities:

• Lead the development and execution of a comprehensive strategy of NIST readiness to prepare the university for security audits and regulatory requirements, with a specific emphasis on compliance with NIH, Cybersecurity Maturity Model Certification (CMMC), and NIST SP 800-171 standards.
• Develop a risk assessment framework and create a process to conduct comprehensive risk assessments, identifying potential security threats and implementing effective mitigation strategies to minimize risks to the organizationʼs assets and data.
• Collaborate with the third-party for the development of System Security Plans (SSPs) that outline the security controls in place for the university's information systems and ensure they align with regulatory requirements.
• Ensure that the actions pertaining to cybersecurity listed in the Plan of Actions and Milestones (POA&M) are executed effectively to meet compliance with industry regulations, best practices, and the university's risk management framework, including NIH, NIST, ISO 27001, HIPAA, and PCI DSS.
• Update security controls regularly and provide support to stakeholders on security controls, including internal assessments, regulations, protecting Personally Identifiable Information (PII) data, and Payment Card Industry Data Security Standards (PCI DSS).

Security Compliance Officer Qualifications:

• 7+ years of related experience.
• A Bachelorʼs degree.
• Prior work in a highly-regulated industry is a plus.
• Proven experience in information security, risk management, and compliance with a focus on establishing robust security frameworks.
• Experience in leading security audits, risk assessments, and vulnerability assessments to ensure compliance and enhance security measures.
• Multiple years of experience in a leadership role within a cybersecurity, information security, or compliance-related team, demonstrating the ability to guide and mentor junior staff while driving compliance initiatives.
• In-depth understanding of industry standards and regulations, particularly NIST & HIPAA.
• Strong analytical and critical thinking skills, with a demonstrated ability to identify, assess, and mitigate complex security risks effectively.
• Comprehensive knowledge of security technologies, including encryption methods, firewalls, intrusion detection systems, and Security Information and Event Management (SIEM) solutions.
• Exceptional capability to convey complex technical concepts in accessible language to diverse audiences, ensuring effective communication with stakeholders at all levels of technical expertise.
• Strong commitment to professional development and staying current with the latest security threats, technologies, and evolving industry regulations to inform compliance strategies.
• Knowledge of ISO 27001 and PCI DSS is a plus.
• CISSP or other professional cybersecurity certifications are a plus.

Shift:

• Monday to Friday from 9 am to 5 pm Pacific Time office hours.