Remote Information Security Compliance Officer
Role details
Job location
Tech stack
Job description
Tekberry is seeking an experienced Information Security Compliance Officer to join a highly visible Information Security Office supporting a premier university environment. This role will lead enterprise cybersecurity governance, risk, and compliance initiatives with a primary focus on NIST readiness, NIH cybersecurity requirements, Cybersecurity Maturity Model Certification (CMMC), and NIST SP 800-171 compliance.
The ideal candidate will possess extensive experience leading information security compliance programs, conducting risk assessments, developing security frameworks, and driving audit readiness efforts across complex organizations. Responsibilities
- Lead and execute enterprise-wide NIST readiness initiatives and cybersecurity compliance programs
- Develop and implement comprehensive strategies to prepare the organization for security audits and evolving regulatory requirements
- Lead compliance efforts related to NIH requirements, CMMC, and NIST SP 800-171 standards
- Assess current security posture, identify compliance gaps, and implement corrective actions
- Develop and maintain System Security Plans (SSPs) and oversee Plans of Action and Milestones (POA&Ms)
- Design and implement risk assessment frameworks to identify and mitigate cybersecurity risks
- Develop, maintain, and enforce information security policies, standards, and procedures
- Ensure compliance with NIST, HIPAA, ISO 27001, PCI DSS, and other applicable regulations and standards
- Partner with IT, Legal, Finance, Human Resources, Research Computing, and other stakeholders to integrate information security into enterprise risk management processes
- Coordinate internal and external security audits and support vulnerability assessments
- Maintain detailed documentation related to security incidents, risk assessments, compliance activities, and audit findings
- Develop and promote security awareness, training, and compliance initiatives
- Provide leadership, guidance, and mentorship to stakeholders and team members
- Monitor industry trends, emerging threats, and evolving regulatory requirements
Requirements
Do you have experience in Vulnerability management?, Do you have a Bachelor's degree?, * Bachelor's degree or equivalent combination of education and experience
- Minimum of 7 years of experience in information security, risk management, compliance, or related cybersecurity disciplines
- Proven experience establishing and managing information security compliance frameworks
- Extensive knowledge of NIST frameworks, particularly NIST SP 800-171
- Experience supporting Cybersecurity Maturity Model Certification (CMMC) Level 1 and Level 2 initiatives
- Significant experience leading security audits, risk assessments, and vulnerability assessments
- Extensive experience developing information security policies, standards, and procedures
- Comprehensive knowledge of cybersecurity technologies including encryption, firewalls, intrusion detection systems, SIEM platforms, and related security tools
- Demonstrated leadership experience within cybersecurity, information security, or compliance teams
- Strong analytical, critical-thinking, and problem-solving skills
- Excellent written, verbal, and presentation skills with the ability to communicate complex technical concepts to both technical and non-technical audiences
Preferred Qualifications
- Experience working within higher education environments
- Experience supporting research organizations and research compliance programs
- Knowledge of NIH cybersecurity requirements
- Experience with ISO 27001, HIPAA, and PCI DSS compliance programs
- Professional certifications such as CISSP, CISM, CRISC, Security+, or equivalent
- Experience collaborating with legal, audit, and regulatory teams
Top Requirements
- Experience with CMMC Level 1 and Level 2 compliance initiatives
- Extensive experience developing security policies and standards
- Strong knowledge of NIST frameworks and cybersecurity compliance
- Excellent written, verbal, and interpersonal communication skills
- Higher education experience preferred
Work Environment
- 100% remote position
- Standard business hours, Monday through Friday
- Highly collaborative environment supporting university-wide cybersecurity initiatives
- Frequent interaction with technical and non-technical stakeholders across the organization
As a Tekberry W2 employee, you will have access to medical, dental, and vision benefits effective the 1st of the month following your start date.
We need hard-working, reliable employees. If you're ready to lead cybersecurity compliance initiatives and strengthen information security practices within a dynamic academic environment, we want to hear from you!
Benefits & conditions
Pulled from the full job description
- Vision insurance
- Dental insurance