Compliance Specialist

Aquila Technology

Lexington, MA
Full Time
Paid

    Clearance: None

    At Aquila Technology, you will see our team’s passion every day, whether we are building a robust, policy-compliant IT system or stress-testing a system to identify gaps and security vulnerabilities. To own the advantage, we ensure our team owns results and gets the work done right the first time by deploying smart, purposeful solutions that work. Aquila is the right people with the right skills driving the right outcomes. We call this the Aquila Advantage.

    About the Role:

    Aquila is seeking a Compliance Specialist to join our team in supporting one of the country’s premier defense research organizations. The Compliance Specialist is responsible for maintaining and auditing programs to validate compliance with various organizational regulations and organizational Information Security policies.

    There are a few requirements for the position:

    • Must be a U.S. citizen (Green Cards / Visas do not qualify)
    • Willingness to undergo a comprehensive background investigation and maintain a personal security clearance. (Aquila would sponsor you for the security clearance.)
    • Must be within commutable distance of Lexington, Massachusetts.

    Responsibilities:

    Develops and oversees compliance programs, supporting compliance efforts, governance/policy, reporting, and incident response. Ensures that the organization remains compliant with all regulations and policies as required by local and federal requirements, specifically FAR and DFARS regulations. Conducts internal compliance reviews and documents findings. May participate in internal or external audits. Recommends process or policy changes to increase compliance or efficiency. Generates reports and analyzes data on applicable compliance-related topics. Engages with internal stakeholders and any external partners as needed. Develops presentations and collateral for compliance-related topics.

    What You'll Bring:

    • Bachelor’s degree in Computer Science, Information Technology, Computer Information Systems, or related field is required with a minimum of seven (7) years’ experience conducting risk assessments. 
    • Experience in compliance auditing, security reviews, or vulnerability assessments.
    • Technical experience and skills, course work completed toward a degree, and industry IT certifications (e.g., CISSP, CISA) may be considered substitutes for education and experience.
    • Candidate must possess an in-depth knowledge of information security principles and policies such as Risk Management Framework (RMF) as presented by the National Institute of Standards and Technology (NIST), NIST SP 800-171 and Security Technical Implementation Guides (STIGs). 
    • The ability to read, understand, and apply government regulations, policies, and procedures such as the National Industrial Security Program Operating Manual (NISPOM), 32 CFR Part 117, and the FAR/DFARS Safeguarding CUI series (252.204-7012, etc.), as well as computer security principles and policies, including Security Technical Implementation Guides (STIGs), NIST 800-53 / Risk Management Framework (RMF), and NIST SP 800-171.
    • Working experience directly related to Assessment and Authorization using any of the following:
        • NIST 800-53/Risk Management Framework (RMF)
        • Joint Special Access Program (SAP) Implementation Guide
        • NIST SP 800-171; understanding of CMMC Framework
        • National Industrial Security Program Operating Manual (NISPOM) Chapter 8

     

     

    Must Have:

    • Bachelor's Degree
    • 7 years Compliance & Auditing
    • 7 years Document audit findings, including non-compliance issues or deviations
    • 7 years Identify potential compliance issues and recommend policy/procedure changes
    • 3 years IT system security compliance (NIST, PCI, HIPAA, CMMC)
    • 7 years Support preparation for audit/review activities
    • 3 years STIG Compliance
    • 3 years NISPOM 32 CFR Part 117 experience
    • 3 years NIST 800-171
    • 3 years NIST 800-53
    • 3 years Risk Management Framework (RMF)
    • Strong Verbal and Written Communication
    • Time Management
    • 7 years MS Suite (Excel, ppt)

    Nice to Have:

    • Security+ CE, CASP, CISSP, or similar security certification
    • Cybersecurity Maturity Model Compliance (CMMC)


    Our interview process is designed to let you get to know us as much as for us to get to know you!

    1. You’ll meet with someone from our Recruiting team so we can learn more about you and answer some of your questions.
    2. You’ll meet with the Hiring Manager to learn more about the team and the role, and to tell us more about what you’d bring to the team.
    3. You’ll meet team members who will be your peers to help you get a feel for a “real day in the life” at Self.

    Benefits and Perks:

    Aquila team members experience the opportunity to be part of a fast-paced, customer-focused, and technically innovative work environment. Aquila strives to deliver the best of the best in technical services to our customers. Candidates that possess a love for technical challenges, a desire to constantly learn, and the desire to establish themselves as critical players within a team will enjoy calling Aquila Technology home.

    Our Perks Include:

    • PTO: 15 days (vacation/sick)
    • 10 paid holidays: 6 standard (New Year’s, Memorial Day, Independence Day, Labor Day, Thanksgiving, and Christmas) and 4 floating holidays, prorated based on your day of hire
    • 1.5 paid days, or 12 hours, for approved volunteer work
    • 1 week of paid maternity/paternity LOA after 1 year of Full-time employment
    • Tuition & Training Reimbursement - 5K annually for pre-approved, job-related tuition, certification, or professional conferences
    • 401K with Fidelity: 100% immediate vesting; plan eligibility begins 90 days following the date of hire. Aquila matches 100% of the first 3%, then 50% of the next 2%. This works out to a total company match of 4% when an employee contributes at least 5%.
    • Cell Phone & Internet: reimbursed up to $150 monthly to cover cell phone, data, and home internet expenses.
    • Buy Your Own Device (BYOD) Allowance: reimbursed up to $1500 for the purchase of a qualified technology device. Eligible after 90 days of employment; the benefit renews every three years.

    Location: ONSITE: This position will be predominantly onsite for the first 3-4 months (probably 4 days/wk onsite). After the initial ramp up period, there may be an opportunity for more remote, 2-3 days/week. Long term, candidate must be comfortable with being onsite at least 2 days and as needed for the project work.

    Travel: None

    Clearance: None

    We are an Equal Opportunity Employer.