Senior IT Risk and Compliance Analyst (Audit, Governance Risk & Compliance)

Title: Sr IT Risk and Compliance Analyst

Reports to: VP, Cybersecurity

Based in: St. Petersburg, FL

Work Type: Hybrid (Ideally Commutable to St Pete but flexible for the right candidate to be remote with some travel to the office when it makes sense)

ABOUT THE COMPANY:

Pole Star Defense is a leading provider of maritime domain awareness, maritime security, and fisheries monitoring systems to the government sector. Since 1998, we have pushed the limits of innovation, mitigating growing threats to ships, supply chains, cargo, territorial waters and, most importantly, safety of lives at sea and beyond. Today, we continue to develop and implement pioneering intelligence technologies to protect customer vessels, people, maritime domain, and reputation.

POSITION DESCRIPTION:

Pole Star Defense’s Sr IT Risk and Compliance Analyst will provide continuous assessment of Pole Star’s risk universe and control environment. You must be able to understand complex business processes and identify the full range of risks related to processes, regulatory compliance, organization, policy, and technology. The ideal candidate should be able to provide real-time consultation on regulatory requirements and best practices during the development of systems and business processes. They must be comfortable interacting cross-departmentally and communicating clearly with stakeholders to ensure risks are mitigated appropriately.

RESPONSIBILITIES:

• Conducting regular IT audits to ensure compliance with established standards and frameworks (e.g., NIST, COBIT, FedRAMP).
• Developing, maintaining, and enforcing IT governance policies and procedures.
• Identifying, evaluating, and mitigating risks associated with IT operations and security.
• Collaborating with cybersecurity teams to integrate GRC activities with security practices.
• Assisting in the creation and maintenance of a comprehensive IT risk management program.
• Prepare audit reports, including clearly written, concise audit observations that effectively communicate identified issues and their related corrective actions to key stakeholders.
• Participate in departmental projects as assigned (e.g., audit lessons learned, training, continuous improvement) and annual audit training.

Requirements

• In-depth Knowledge of GRC Frameworks:
  Proficiency in applying and interpreting common GRC frameworks such as NIST, CMMC, and FedRAMP, as well as understanding relevant regulations and compliance requirements.
• IT Auditing Expertise:
  Solid experience in conducting IT audits, assessing controls, and ensuring adherence to established policies, standards, and regulatory requirements.
• Policy and Standard Development:
  Strong capabilities in developing, implementing, and maintaining IT governance policies, procedures, and standards to support risk management and compliance objectives.
• Cybersecurity Fundamentals:
  A foundational understanding of cybersecurity principles and practices, with the ability to collaborate with security teams and integrate security considerations into GRC activities.

EDUCATION/CERTIFICATIONS:

• BA/BS degree in Information Sciences, Computer Sciences, Data Sciences, Accounting, Finance, or other business discipline
• Professional certifications (i.e. CISA, CIA, CRISC, CGEIT, CISSP)
  

DESIRED SKILLS (Not Required):

• Experience working with DHS or DOD
• DoD Security Clearance

TRAVEL REQUIRED:

• Ability for up to 10% travel both domestic and international.

Benefits

Pole Star Defense offers benefits that are designed to lead an evolving marketplace and encourage a healthy balance between work and life. Highlights of those benefits are listed below:

• Salary $95,000-115,000
• Medical, Vision, Dental, for employees and dependents (100% covered by company)
• Life insurance, company funded to 2x salary
• 20 days annual leave (can buy or sell more days)
• Up to a 5% 401K matching
• Gym membership subsidy
• Volunteer Day PTO
• Refer-a-friend recruitment bonus
• Unlimited learning & development via our learning platform.

WORK SCHEDULE NOTE:

While this position is scheduled for a traditional Monday – Friday work week, our systems run 24/7/365 and as such, you may be expected to perform out of hours, on-call support on an as needed basis. This may include weekends and/or holidays and is worked on a rotation system with other team members. Additional compensation may be available for working on-call, standby or holiday hours.

This is a Public Trust position and requires completion of a State and Federal Criminal History Report (i.e., background check) and may require a Department of Defense security clearance. Current and future employment will be contingent upon satisfactory completion of both the FBI Summary History Report and if designated, a DoD security clearance.

This position requires use of or access to information subject to the Export Administration Regulations (“EAR”) or the International Traffic in Arms Regulations (“ITAR”). Accordingly, all applicants must be U.S. persons within the meaning of these regulations. Under ITAR, a U.S. person is defined as a U.S. Citizen, U.S. Permanent Resident, or a person who is a protected individual under the immigration and Naturalization Act (8 U.S.C. 1324b(a)(3))

Pole Star Defense is a U.S. Government contractor and is an Equal Opportunity Employer including disability and veterans.

*This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at the sole discretion of the employer*