GRC Analyst III - Certification and Compliance Programs at Mercury Systems
Mercury Systems · Andover, United States of America · Hybrid
- Professional
- Office in Andover
Job Summary:
The GRC Analyst III is responsible for supporting the cybersecurity direction of the business and advancing the company’s cybersecurity posture.
The ideal candidate is a CMMC expert experienced in managing certification and compliance programs. The role assists the Director with managing the cybersecurity policy framework, overseeing the security awareness and training program, and managing customer assurance activities.
Job Responsibilities:
- Manage the cybersecurity certification and compliance programs, such as CMMC, ISO, Cyber Essentials Plus, and NIST CSF. This includes coordination of evidence collection, advising on control requirements, and managing external auditors.
- Manage the Security Awareness and Training Program, including content selection, training assignment and completion monitoring, cybersecurity awareness campaigns, CISO newsletters, and the Phishing program.
- Manage the cybersecurity policy framework, ensuring the documentation is reviewed and updated to meet regulatory and contractual requirements.
- Provide regular reporting on Governance and Compliance programs and support leadership with risk prioritization and/or escalations.
- Monitor current and proposed cybersecurity changes impacting regulatory and Cybersecurity industry best practice guidance.
- Assist the Director in developing metrics to assess the success of the Cybersecurity program and provide regular reports to cybersecurity leadership.
- Work in tandem with cybersecurity leadership to perform ongoing Cybersecurity program assessments.
- Liaise with auditors, both internal and external, to maintain and implement controls.
Required Qualifications:
- Typically requires a minimum of 5+ years of experience in cybersecurity as a practitioner with exposure to security frameworks.
- Typically requires a Bachelor’s degree in information security or related field.
- Experience with cybersecurity technology skills for well-rounded proficiency, as well as proven ability to align with security practices and compliance responsibilities.
- Experience and understanding of various cybersecurity frameworks, regulatory requirements and laws (e.g., ISO, NIST).
- Experience with cloud environments such as Amazon Web Services (AWS).
- Demonstrated problem-solving capabilities, and ability to manage complex local and international Cybersecurity requirements.
Preferred Qualifications:
- Master’s degree.
- Aerospace & Defense Industry.
- Cyber Security Certifications such as: CISSP, CRISC, CISA.
“This position requires you to have or obtain a government security clearance. Security clearances may only be granted to U.S. citizens.”
Job Details:
Full-time equivalent job grade range for this position:
- $87,100.00 - $182,900.00 annual salary for in-office or hybrid employees in FL, GA, IN, AZ, AL, MD or TX, and all remote employees
- $97,600.00 - $204,800.00 annual salary for in-office or hybrid employees in VA, CA, NH or MA
- $102,800.00 - $215,800.00 annual salary for in-office or hybrid employees in NJ