Senior Cybersecurity Risk & Compliance Analyst

Overview

Remote
Depends on Experience
Contract - W2

Skills

Cyber Security
Compliance
Risk
ISO
NIST
GRC

Job Details

Object Technology Solutions, Inc (OTSI) has an immediate opening for a Senior Analyst, Cybersecurity Risk & Compliance.

Senior Analyst, Cybersecurity Risk & Compliance (Remote)

Major Responsibilities:

  • We are hiring a P4-level professional to support and help lead the client Risk & Compliance function, with a primary focus on maintaining our ISO 27001 certification and supporting our obligations under NIST 800-171.
  • The right candidate will support the client Risk and Compliance program, which includes Governance, Risk and Compliance (GRC) and Third-Party Risk Management (TPRM); bring structure to our processes; and help stabilize and scale the function.
  • Regulatory & Standards Support:
    • Contribute to all ISO 27001 activities, including internal audit readiness, external recertification, and ongoing control maintenance.
    • Support NIST 800-171 compliance efforts, including maintenance of System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and gap assessments.
    • Have working knowledge of, and be able to support, GDPR, NIST CSF, CMMC, TISAX, ITAR, and AI-related compliance, as well as the ability to gain knowledge of future certification and regulation requirements.
    • Assist in engagement with government compliance stakeholders and maintain awareness of requirements.
  • Risk & Compliance Operations for Governance, Risk and Compliance (GRC) and Third-Party Risk Management (TPRM):
    • Maintain the client Risk Register and track mitigation progress across all functional areas.
    • Coordinate the Security Exception process, ensuring proper documentation, approvals, and governance.
    • TPRM activities, including vendor assessments, reviews, remediation follow-up, and monitoring.
    • Write and update policy and standards and provide governance, oversight, and assurance.
    • Administer GRC/TPRM tooling (ZenGRC) and ensure evidence management and workflows are maintained and audit-ready. Have an understanding of, or the ability to use, ServiceNow and AuditBoard risk management products.
  • Audit & Customer Response:
    • Prepare audit documentation and assist with responses for internal and external audits.
    • Draft and maintain clear, consistent, and audit-ready documentation, including policies, control responses, and program updates.
    • Support customer assurance efforts related to ISO, NIST, and general cyber compliance.
    • Lead internal audits and assessments against client.
  • Program Execution & Scalability:
    • Help implement scalable, repeatable governance processes for policy and standard creation and lifecycle management.
    • Assist in developing compliance procedures, checklists, and review frameworks.
    • Support workflows for User Access Reviews (UAR), TPRM, and continuous monitoring.
  • Collaboration:
    • Work cross-functionally with Aptiv Cybersecurity, IT, Legal, HR, and Engineering, across Aptiv, HellermannTyton, Winchester, and Intercable.
    • Support communication and coordination with external auditors and internal stakeholders (including Primary Security Officer, Aptiv Legal, and Aptiv leadership).
    • Support Cybersecurity Training at client.

Qualifications and Experience:

  • 5+ years of cybersecurity, compliance, or GRC experience
  • Familiarity with ISO 27001, NIST 800-171, and enterprise GRC operations
  • Strong writing skills, with experience contributing to SSPs and POA&Ms
  • Working knowledge of ZenGRC or similar tools
  • Demonstrated ability to work across matrixed teams
  • Experience with customer audit responses and regulatory compliance

Preferred Qualifications:

  • Experience supporting government-mandated compliance frameworks
  • Involvement in ISO 27001 recertification efforts or similar standards
  • Experience with third-party risk tools (e.g., BlueVoyant, BitSight)
  • Familiarity with client or embedded systems companies is a plus

About us:

OTSI is a leading global technology company offering solutions, consulting, and managed services for businesses worldwide since 1999. OTSI serves clients from its 15 offices across 6 countries around the globe with a Follow-the-Sun model. Headquartered in Overland Park, Kansas, we have a strong presence in North America, Central America, and Asia-Pacific with a Global Delivery Centre based in India. These strategic locations offer our customers the competitive advantages of onshore, nearshore, and offshore engagement and delivery options, with 24/7 support. OTSI works with 100+ enterprise customers, many of which are Fortune ranked. OTSI focuses on industry segments such as Banking, Financial Services & Insurance, Healthcare & Life Sciences, Energy & Utilities, Communications & Media Entertainment, Engineering & Telecom, Retail & Consumer Services, Hi-tech, Manufacturing, Engineering, Transport & Logistics, Government, Defence & PSUs.

Our Centre of Excellence:

  • Data & Analytics
  • Digital Transformation
  • QA & Automation
  • Enterprise Applications
  • Disruptive Technologies
