Cybersecurity Compliance Specialist na Albany International Corporation

About Global Information Services (GIS)

Global Information Services (GIS) provides cutting-edge IT solutions and cybersecurity services to internal users and customers. The GIS team is committed to securing enterprise information, ensuring compliance, and proactively mitigating cyber threats.

Position Overview

As a key role in the Enterprise Cybersecurity Team, the Information Security Compliance Specialist is responsible for compliance management, ensuring adherence to frameworks like CMMC and NIST SP800-171. This role encompasses a broad range of responsibilities including policy development and strategic project management of compliance initiatives.

The Information Security Compliance Manager will help navigate increasingly complex and rapidly changing cybersecurity compliance regulations. They will lead framework-based assessments to ensure the enterprise meets all regulatory data security requirements and determine the company's preparedness for audit.

This role reports to the Sr. Director of Information Security and will be an onsite position at the Portsmouth, New Hampshire headquarters.

Key Responsibilities

Compliance & Risk Management

• Lead compliance efforts related to CMMC/NIST 800-171 and other relevant government frameworks.
• Develop and update cybersecurity policy packages and procedures to align with compliance requirements.
• Lead internal and external cybersecurity audits and risk assessments.
• Independently review the effectiveness of controls and control gaps based on the results of testing.
• Provide sound recommendations for audit findings and effectively support conclusions during discussions with stakeholders.
• Effectively communicate audit issues in both technical and non-technical terms to Operational and IT management.

Cybersecurity Operations

• Contribute to the daily monitoring and responding to cyber threats, phishing attempts, and security incidents.
• Coordinate periodic risk assessments, tabletop exercises, and penetration testing in accordance with best industry practices.
• Contribute to the enhancement of security operations policies, processes, and playbooks.
• Contribute to annual awareness training of the workforce on information security standards, policies and best practices.

Cross-Functional Collaboration

• Work with IT operations to ensure security of the global network, mobile devices, and physical security.
• Work with senior management during tabletop and crisis management sessions.
• Facilitate the cyber training and development of other IT members.
• Collaborate with vendor management, procurement, and finance teams on security-related vendor assessments.
• Maintain relationships with government contractors and Defense Industrial Base (DIB) stakeholders.