NIST Compliance Specialist
At Coffman Engineers, we serve as both prime consultant and sub consultant on projects large and small, including commercial, retail, institutional, government, industrial, and project/construction management. Incorporated in 1979, we have employees in more than 16 locations serving clients across the United States and overseas.
To meet client objectives and to integrate our many disciplines, we can create teams comprised of civil, structural, mechanical, electrical, fire protection, and corrosion control, as well as project/construction managers and professionals in a variety of specialty services. This ability has made us a leader in the engineering and construction communities, and has strengthened our reputation as being progressive, innovative, and a great place to work.
Coffman Engineers is looking for a Compliance Specialist with seven to ten years of applicable experience with security concepts and methodologies related to DFARS, NASA FAR, and NIST 800-171 controls. The successful candidate will have exceptional written, verbal, and interpersonal communication skills and will be comfortable working with executive leadership, IT, and HR to develop, implement, and maintain policies, procedures, and employee training related to cybersecurity. A high degree of confidentiality and tact are key success factors for this position.
This position offers some flexibility in working from a different Coffman office location, although our preference is for Seattle, WA.
- Conduct IT/cybersecurity control assessments, remediation, monitoring, reporting, and tracking audit and review activities using key metrics
- Translate legal and regulatory requirements into a unified collection of processes & procedures
- Map compliance requirements to technical controls as defined in NIST
- Conduct post-assessment risk analysis, root cause analysis, develop metrics / reports / briefings, and support the creation and tracking of mitigation and corrective action plans
- Define and propose solutions to gaps in safeguarding company property and information
- Manage external audits, third-party penetration tests, and client assessments, including records
- Work with stakeholders to develop and present best practices and training materials
- Maintain the System Security Plan (SSP)
- Work with subcontractors to obtain certifications and compliance related to DFARS, as applicable
- Participate & contribute to the Insider Threat Working Group and interface regularly with FSO, ITPSO & IT
- Obtain certifications and participate in professional affiliations as needed
- U.S. Citizenship, required
- Advanced writing and presentation skills required
- 4-year degree in applicable field preferred
- 7 to 10 years of applicable experience, including 4 years leading internal and/or external audits
- Experience in Payment Card Industry (PCI) compliance and/or ISO 27001 preferred
- Cybersecurity Certifications preferred (i.e., CISSP, CISM, CISA)
- Ability to manage multiple concurrent projects
COVID-19 Vaccine Mandates
At this time, Coffman Engineers is subject to various state and client COVID-19 vaccination mandates in order to work on certain projects. In addition, there are two federal mandates pending which are under review by the United States legal system. If either mandate is implemented, it would impact Coffman employees.
Therefore, we will ask you about your COVID-19 vaccination status upon hire. If you choose not to be vaccinated for COVID-19, or request and are denied a medical or religious exemption, or we are unable to accommodate you even with an approved exemption, or you do not wish to inform us of your COVID-19 vaccination status, our ability to continue your employment may be impacted.
Thank you for your patience and understanding during this time of transition in our country. If you have any questions about these mandates or any other questions generated by this message, please contact the HR Representative with whom you have been working.
Why You Want To Work Here
Coffman truly focuses on its employees. We support and encourage individually tailored professional and technical advancement as well as personal growth. We offer an excellent salary/benefits package, a desirable location, and a professional office environment with the opportunity to work with a collaborative team.
Coffman offers a flexible PTO program, a fun office environment, and free daily breakfast. Coffman’s Seattle office is located in a newly renovated office space close to convenient transportation options, the historic Pike Place Market, and all that downtown and the waterfront have to offer. We welcome the dedicated and the driven to join us.
Don’t take our word for it. Check out what others are saying:
Coffman at a Glance:
- 43 years in business
- 650+ employees serving clients throughout the U.S. and overseas from more than 20 locations
- Multi-discipline engineering services plus corrosion control, commissioning and project/construction management
- #27 Top 80 Engineering Firms, Building Design+Construction, 2019
- #29 Zweig Group Hot Firm List, Zweig Group, 2021
- #157 Top 500 Design Firms, Engineering News-Record, 2022
You must apply online for this position. If you are unable to complete our online application process, or if you need assistance to do so, let us know so we can provide a reasonable accommodation.
If you are experiencing problems applying through our system, please try again using a different browser or an updated version of your current browser. If that doesn't work, please contact us directly.
This position is direct with Coffman Engineers; we are an Equal Opportunity and Affirmative Action Employer of Minorities/Females/Veterans/Disabled individuals.