MathWorks is hiring a Security Compliance Auditor. The role requires assessing compliance with NIST 800-171, NIST 800-53, and CMMC standards. Responsibilities include evaluating security controls, identifying improvement areas, collaborating with cross-functional teams, participating in external audits, and enhancing the company's security posture.
Highlights
Conduct audits following NIST 800-171, NIST 800-53, and CMMC guidelines.
Evaluate and improve security measures.
Maintain compliance documentation and develop security policies.
Provide risk mitigation and control enhancement recommendations.
Requires a bachelor's degree and 3 years of relevant experience.
Strong knowledge of cybersecurity frameworks and infrastructure is essential.
Preferred certifications: CISA, CISSP, or CMMC-AB Assessor.
Security Compliance Auditor Full Description
Security Compliance Auditor
Job Summary
We are seeking a skilled Senior Security Compliance Auditor to join our dynamic team and assess compliance with NIST 800-171, NIST 800-53, and CMMC standards. This role involves evaluating our security controls, identifying areas of improvement, working with cross-functional teams to enhance our security posture, and participating in external audits and certifications.
Responsibilities
Conduct comprehensive audits of security controls in accordance with NIST 800-171, NIST 800-53, and CMMC guidelines.
Evaluate the effectiveness of security measures and identify areas for improvement.
Ensure ongoing compliance with federal and industry standards.
Develop and maintain documentation related to compliance activities and findings.
Provide recommendations for risk mitigation and control enhancements.
Assist in the development and implementation of security policies and procedures aligned with regulatory requirements.
Support the lifecycle management of compliance-related documentation.
Conduct training sessions to raise awareness about compliance requirements and best practices.
Stay updated on the latest developments in NIST and CMMC standards.
Work closely with cross-functional stakeholders across various departments, such as IT, Engineering, HR, and Legal, to address compliance gaps.
Communicate audit results and recommendations to stakeholders and senior management.
Minimum Qualifications
A bachelor's degree and 3 years of professional work experience (or a master's degree, or equivalent experience) is required.
Additional Qualifications
Strong knowledge of software development processes, on-prem and cloud-based infrastructure, cybersecurity, network security, risk management, application security, and third-party management.
Proven experience in security compliance auditing and cybersecurity frameworks, particularly with NIST 800-171, NIST 800-53, and CMMC.
Excellent analytical, problem-solving, and communication skills, with a demonstrated ability to collaborate across teams and roles.
Relevant certifications such as CISA, CISSP, or CMMC-AB Assessor are preferred.