GRC Technical Writer
USA, Remote
Digital Science
GRC Technical Writer
We are Digital Science and we are advancing the research ecosystem. We are a pioneering technology company, and our vision is of a future where a trusted and collaborative research ecosystem drives progress for all. We believe in better, open, collaborative and inclusive research. In creating the next generation of tools and working in partnership with the community we tackle some of the biggest challenges to research. In order to achieve our vision, we need innovative, inspiring and dynamic people to join our team. Want to join us?
Your new role
As our GRC Technical writer, you will be part of our Information Security team, overseeing our Governance, Risk and Compliance documentation. This role partners with several areas of Digital Science and adds value through contributing to a robust compliance framework to meet our ever evolving compliance requirements. You will be a member of a new sub-team, primarily responsible for the delivery and maintenance of compliance specific to large, US (Federal) customers with enhanced security and privacy requirements alongside providing support to the wider organization. This is a very important role which requires a high standard of communication and stakeholder management.
This role (due to Federal requirements) can only be satisfied by a “US citizen, US national, or US person” and additional checks may be required.
The talent we secure is fundamental to us achieving our vision and our growth plans. The values we live by are:
We are brave in the pursuit of better We are collaborative and inclusive We are always open-minded We are from and for the community
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status
Additional Information
Please note that, in light of vaccination mandates for US Government contractors, Digital Science requires that all US-based employees are fully vaccinated against COVID-19, subject to approved accommodations.
Department: Technical
Employment Type: Full Time
Location: USA, Remote
Description
About usWe are Digital Science and we are advancing the research ecosystem. We are a pioneering technology company, and our vision is of a future where a trusted and collaborative research ecosystem drives progress for all. We believe in better, open, collaborative and inclusive research. In creating the next generation of tools and working in partnership with the community we tackle some of the biggest challenges to research. In order to achieve our vision, we need innovative, inspiring and dynamic people to join our team. Want to join us?
Your new role
As our GRC Technical writer, you will be part of our Information Security team, overseeing our Governance, Risk and Compliance documentation. This role partners with several areas of Digital Science and adds value through contributing to a robust compliance framework to meet our ever evolving compliance requirements. You will be a member of a new sub-team, primarily responsible for the delivery and maintenance of compliance specific to large, US (Federal) customers with enhanced security and privacy requirements alongside providing support to the wider organization. This is a very important role which requires a high standard of communication and stakeholder management.
This role (due to Federal requirements) can only be satisfied by a “US citizen, US national, or US person” and additional checks may be required.
What you’ll be doing
- Work with the stakeholders from across the group, our customer-base and third-party vendors/partners, to embed and enhance InfoSec compliance for products, services and business units under your purview.
- Writing, reviewing and updating information security policies, procedures, standards and guidelines spanning across several frameworks including FedRAMP, NIST and ISO 27001 primarily.
- Managing and maintaining a documentation inventory using existing GRC tool(s).
- Assist in drafting responses to risk assessments and where appropriate, audit responses and security questionnaires.
- Advising on the implementation of security controls, risk frameworks and alignment with regulatory and compliance frameworks.
- Assist in auditing controls across multiple security frameworks to identify gaps
- Collaborate with subject matter experts across the organization as a bridge between technical and infosec functions.
- Provide customers and auditors with documentation relating to security assessments and audits.
- Reporting to CISO, Deputy CISO, senior management and stakeholders in order to understand the performance of the system.
What you’ll bring to the role
- You will have a demonstrable track record in GRC technical writing and tooling (Ideally utilizing Hyperproof or similar)
- You have significant, expert, professional experience in Information Security Compliance with demonstrable expertise spanning several frameworks simultaneously e.g. FedRAMP (to at least ‘moderate’ level), DoD IL4 and NIST-800 (53 and 218 at a minimum).
- You have parallel knowledge of ISO/IEC 27001 and 27701 in order to compare, contrast and advise on meeting requirements and controls required to achieve and maintain FedRAMP compliance.
- You will have successfully contributed to a FedRAMP implementation programme utilizing consultants, third-parties and internal resources.
- You’re highly organized and have the ability to work on intricate details without losing the big picture
- You’ll be a strong communicator and comfortable communicating with people at all organizational levels and leading conversations around recommendations for improvements
- You have a collaborative approach to how you work and ensure all groups are communicated with and understand your process and approach
- You’re a self learner and have an inquisitive mind
- You’re resourceful and solutions focussed, making practical considerations for all groups involved
- You’re a natural problem solver and have strong analytical skills
- Bachelor degree in English, Technical Communication, Information Systems or a Cyber Security related field, and/or equivalent Information Security related certifications.
Living our Values
We invest in, nurture and support innovative businesses and technologies that make all parts of the research process more open, efficient and effective.The talent we secure is fundamental to us achieving our vision and our growth plans. The values we live by are:
We are brave in the pursuit of better We are collaborative and inclusive We are always open-minded We are from and for the community
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status
Additional Information
Please note that, in light of vaccination mandates for US Government contractors, Digital Science requires that all US-based employees are fully vaccinated against COVID-19, subject to approved accommodations.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISO Compliance DoD FedRAMP Governance ISO 27001 NIST Privacy Risk assessment Security assessment
Perks/benefits: Startup environment
Region:
Remote/Anywhere
Job stats:
12
2
0
Category:
Compliance Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Manager Pentest H/F jobs
- Open Security Operations Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Consultant jobs
- Open Senior Network Security Engineer jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open Risk assessment-related jobs
- Open CISM-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs