NIST Compliance Specialist
Seattle, WA
Applications have closed
Coffman Engineers, Inc.
Company Description
At Coffman Engineers, we serve as both prime consultant and sub consultant on projects large and small, including commercial, retail, institutional, government, industrial, and project/construction management. Incorporated in 1979, we have employees in more than 16 locations serving clients across the United States and overseas.
To meet client objectives and to integrate our many disciplines, we can create teams composed of civil, structural, mechanical, electrical, fire protection, and corrosion control, as well as project/construction managers and professionals in a variety of specialty services. This ability has made us a leader in the engineering and construction communities, and has strengthened our reputation as being progressive, innovative, and a great place to work.
Job Description
Coffman Engineers is looking for a Compliance Specialist with seven to ten years of applicable experience with security concepts and methodologies related to DFARS, NASA FAR, and NIST 800-171 controls. The successful candidate will have exceptional written, verbal, and interpersonal communication skills and be comfortable working with executive leadership, IT, and HR to develop, implement, and maintain policies, procedures, and employee training related to cybersecurity. A high degree of confidentiality and tact are key success factors for this position.
This position offers some flexibility in working from a different Coffman office location, although our preference is for Seattle, WA.
Responsibilities include:
- Conduct IT/cybersecurity control assessments, remediation, monitoring, reporting, and tracking audit and review activities using key metrics
- Translate legal and regulatory requirements into a unified collection of processes & procedures
- Map compliance requirements to technical controls as defined in NIST
- Conduct post-assessment risk analysis, root cause analysis, develop metrics / reports / briefings, and support the creation and tracking of mitigation and corrective action plans
- Define and propose solutions to gaps in safeguarding company property and information
- Manage external audits, third-party penetration tests, and client assessments, including records
- Work with stakeholders to develop and present best practices and training materials
- Maintain the System Security Plan (SSP)
- Work with subcontractors to obtain certifications and compliance related to DFARS, as applicable
- Participate in and contribute to the Insider Threat Working Group and interface regularly with FSO, ITPSO & IT
- Obtain certifications and participate in professional affiliations as needed
Qualifications
- U.S. Citizenship, required
- Advanced writing and presentation skills required
- 4-year degree in applicable field preferred
- 7 to 10 years of applicable experience, including 4 years leading internal and/or external audits
- Experience in Payment Card Industry (PCI) compliance and/or ISO 27001 preferred
- Cybersecurity Certifications preferred (i.e., CISSP, CISM, CISA)
- Ability to manage multiple concurrent projects
Additional information
COVID-19 Vaccine Mandates
At this time, Coffman Engineers is subject to various state and client COVID-19 vaccination mandates in order to work on certain projects. In addition, there are two federal mandates pending which are under review by the United States legal system. If either mandate is implemented, it would impact Coffman employees.
Therefore, we will ask you about your COVID-19 vaccination status upon hire. If you choose not to be vaccinated for COVID-19, or request and are denied a medical or religious exemption, or we are unable to accommodate you even with an approved exemption, or you do not wish to inform us of your COVID-19 vaccination status, our ability to continue your employment may be impacted.
Thank you for your patience and understanding during this time of transition in our country. If you have any questions about these mandates or any other questions generated by this message, please contact the HR Representative with whom you have been working.
Why You Want To Work Here
Coffman truly focuses on its employees. We support and encourage individually tailored professional and technical advancement as well as personal growth. We offer an excellent salary/benefits package, a desirable location, and a professional office environment with the opportunity to work with a collaborative team.
Coffman offers a flexible PTO program, a fun office environment, and free daily breakfast. Coffman’s Seattle office is located in a newly renovated office space close to convenient transportation options, the historic Pike Place Market, and all that downtown and the waterfront have to offer. We welcome the dedicated and the driven to join us.
Don’t take our word for it. Check out what others are saying:
http://www.glassdoor.com/Reviews/Coffman-Engineers-Reviews-E409809.htm
Coffman at a Glance:
- 43 years in business
- 650+ employees serving clients throughout the U.S. and overseas from more than 20 locations
- Multi-discipline engineering services plus corrosion control, commissioning and project/construction management
- #27 Top 80 Engineering Firms, Building Design+Construction, 2019
- #29 Zweig Group Hot Firm List, Zweig Group, 2021
- #157 Top 500 Design Firms, Engineering News-Record, 2022
Applying
You must apply online for this position. If you are unable to complete our online application process, or if you need assistance to do so, let us know so we can provide a reasonable accommodation.
If you are experiencing problems applying through our system, please try again using a different browser or an updated version of your current browser. If that doesn't work, please contact us directly.
This position is direct with Coffman Engineers; we are an Equal Opportunity and Affirmative Action Employer of Minorities/Females/Veterans/Disabled individuals.
Follow us!
Twitter: @CoffmanEngineer
Instagram: @CoffmanEngineers
LinkedIn: https://www.linkedin.com/company/coffman-engineers
Facebook: @CoffmanEngineers