Compliance and Security Specialist

Overview

Remote
On Site
Depends on Experience
Contract - W2

Skills

Auditing
CISM
CISSP
Communication
Compliance Management
Cyber Security
DFAR
Data Integration
Documentation
FAR
ISACA
ISO/IEC 27001:2005
Information Security
Information Systems
Management
NIST SP 800 Series
Plant Lifecycle Management
Product Lifecycle Management
Regulatory Compliance
Reporting
Risk Assessment
Risk Management
Security Controls

Job Details

Job Title: Compliance and Security Specialist
Location: In Milford near Cincinnati or Remote

We are seeking a knowledgeable and experienced Compliance and Security Specialist to manage and support our security, risk, and compliance initiatives, including ISO 27001, NIST, CMMC 2.0, and CFIUS compliance, with good understand of relevant FAR & DFAR clause. This role ensures that our organization adheres to information security best practices and regulatory requirements, particularly in sensitive areas involving national security and foreign investment.

Compliance Management: Lead initiatives to achieve and maintain compliance with ISO 27001, NIST SP 800-53/CSF, and CMMC 2.0 (Levels 1 3).Oversee compliance with CFIUS requirements for organizations subject to foreign ownership, control, or influence (FOCI). Conduct Internal (Self) Audits, Gap assessments, Risk assessments, Mitigation planning and readiness reviews across compliance frameworks. Support review of Customer contract documents related to Security, FAR / DFAR clause. CFIUS Oversight: Manage and monitor compliance with mitigation agreements and security commitments imposed by CFIUS. Maintain documentation and reporting required for CFIUS oversight and coordinate responses to information requests. Audit & Certification Support: Conduct audits and support external audits, assessments, and certifications (e.g., ISO 27001, NIST, CMMC). Coordinate evidence collection and responses during audits and ensure timely remediation of findings.
Education: Bachelor s degree in Cybersecurity, Information Security, or related field (or equivalent experience).
Certifications (Preferred- one or more): ISO 27001 internal Auditor
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified CMMC Professional (CCP)
Certified in Risk and Information Systems Control (CRISC)
4+ years of experience in cybersecurity compliance and regulatory frameworks.Hands-on experience with ISO 27001, NIST SP 800-53/CSF, and CMMC 2.0. Experience managing or supporting CFIUS or FOCI compliance programs.

Strong understanding of U.S. regulatory and security compliance requirements. Deep knowledge of security control frameworks and risk management. Exceptional written and verbal communication skills.Ability to manage multiple high-priority projects across departments.Skilled in developing clear, actionable documentation and reports for technical and executive audiences.Ability to liaison with multiple stakeholders with in the company and corporate

Mandatory Skills: CAD PLM Data Integration

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About SidRam Technologies