Senior IT Risk and Compliance Analyst (Audit, Governance Risk & Compliance)
St. Petersburg, Florida, United States
Applications have closed
Pole Star Defense
At Pole Star Space Defense, we engineer and integrate multiple types of data and capabilities to meet government requirements. We create and deliver new technologies to provide the best in maritime domain awareness.
Title: Sr IT Risk and Compliance Analyst
Reports to: VP, Cybersecurity
Based in: St. Petersburg, FL
Work Type: Hybrid (Ideally Commutable to St Pete but flexible for the right candidate to be remote with some travel to the office when it makes sense)
ABOUT THE COMPANY:
Pole Star Defense is a leading provider of maritime domain awareness, maritime security, and fisheries monitoring systems to the government sector. Since 1998, we have pushed the limits of innovation, mitigating growing threats to ships, supply chains, cargo, territorial waters and, most importantly, safety of lives at sea and beyond. Today, we continue to develop and implement pioneering intelligence technologies to protect customer vessels, people, maritime domain, and reputation.
POSITION DESCRIPTION:
Pole Star Defense’s Sr IT Risk and Compliance Analyst will provide continuous assessment of Pole Star’s risk universe and control environment. You must be able to understand complex business processes and identify the full range of risks related to processes, regulatory compliance, organization, policy, and technology. The ideal candidate should be able to provide real-time consultation on regulatory requirements and best practices during the development of systems and business processes. They must be comfortable interacting cross-departmentally and communicating clearly with stakeholders to ensure risks are mitigated appropriately.
RESPONSIBILITIES:
- Conducting regular IT audits to ensure compliance with established standards and frameworks (e.g., NIST, COBIT, FedRAMP).
- Developing, maintaining, and enforcing IT governance policies and procedures.
- Identifying, evaluating, and mitigating risks associated with IT operations and security.
- Collaborating with cybersecurity teams to integrate GRC activities with security practices.
- Assisting in the creation and maintenance of a comprehensive IT risk management program.
- Preparing audit reports, including clearly written, concise audit observations that effectively communicate identified issues and their related corrective actions to key stakeholders.
- Participating in departmental projects as assigned (e.g., audit lessons learned, training, continuous improvement) and annual audit training.
Requirements
- In-depth Knowledge of GRC Frameworks: Proficiency in applying and interpreting common GRC frameworks such as NIST, CMMC, and FedRAMP, as well as understanding relevant regulations and compliance requirements.
- IT Auditing Expertise: Solid experience in conducting IT audits, assessing controls, and ensuring adherence to established policies, standards, and regulatory requirements.
- Policy and Standard Development: Strong capabilities in developing, implementing, and maintaining IT governance policies, procedures, and standards to support risk management and compliance objectives.
- Cybersecurity Fundamentals: A foundational understanding of cybersecurity principles and practices, with the ability to collaborate with security teams and integrate security considerations into GRC activities.
EDUCATION/CERTIFICATIONS:
- BA/BS degree in Information Sciences, Computer Sciences, Data Sciences, Accounting, Finance, or other business discipline
- Professional certifications (i.e. CISA, CIA, CRISC, CGEIT, CISSP)
DESIRED SKILLS (Not Required):
- Experience working with DHS or DOD
- DoD Security Clearance
TRAVEL REQUIRED:
- Ability for up to 10% travel both domestic and international.
Benefits
Pole Star Defense offers benefits that are designed to lead an evolving marketplace and encourage a healthy balance between work and life. Highlights of those benefits are listed below:
- Salary $95,000-115,000
- Medical, Vision, Dental, for employees and dependents (100% covered by company)
- Life insurance, company funded to 2x salary
- 20 days annual leave (can buy or sell more days)
- Up to a 5% 401K matching
- Gym membership subsidy
- Volunteer Day PTO
- Refer-a-friend recruitment bonus
- Unlimited learning & development via our learning platform.
WORK SCHEDULE NOTE:
While this position is scheduled for a traditional Monday – Friday work week, our systems run 24/7/365 and as such, you may be expected to perform out-of-hours, on-call support on an as-needed basis. This may include weekends and/or holidays and is worked on a rotation system with other team members. Additional compensation may be available for working on-call, standby or holiday hours.
This is a Public Trust position and requires completion of a State and Federal Criminal History Report (i.e., background check) and may require a Department of Defense security clearance. Current and future employment will be contingent upon satisfactory completion of both the FBI Summary History Report and if designated, a DoD security clearance.
This position requires use of or access to information subject to the Export Administration Regulations (“EAR”) or the International Traffic in Arms Regulations (“ITAR”). Accordingly, all applicants must be U.S. persons within the meaning of these regulations. Under ITAR, a U.S. person is defined as a U.S. Citizen, U.S. Permanent Resident, or a person who is a protected individual under the Immigration and Naturalization Act (8 U.S.C. 1324b(a)(3)).
Pole Star Defense is a U.S. Government contractor and is an Equal Opportunity Employer including disability and veterans.
*This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at the sole discretion of the employer*