
SANS ISC: InfoSec Jobs - SANS Internet Storm Center InfoSec Jobs

Information Security Compliance Analyst
Company Intel
Location Folsom, CA
Preferred GIAC Certifications GSEC
Travel 10%
Salary Not provided
URL https://jobs.intel.com/ShowJob/Id/3314929/Information%20Security%20Compliance%20Analyst
Contact Name Anonymous
Contact Email donotemail/at/sans.edu
Expires 2022-06-10

Job Description

The IT InfoSec Government Security Solutions (GSS) Team is made up of highly experienced security professionals with skills ranging from solutions architecture and information security to application development and service operations. This cross-functional team is focused on supporting the unique IT information security and compliance requirements for Intel Federal LLC, a subsidiary of Intel that delivers products and/or services to the US Government (USG). In the GSS Team, each person wears many hats and has multiple areas of expertise.

The Government Security Solutions (GSS) Team is seeking an Information Security Compliance Analyst to help drive focus on security regulation compliance to US requirements.

Responsibilities include but are not limited to:

Reviewing incoming contracts to understand federal security data safeguarding requirements, provide contract modification recommendations and drive security requirements to GSS team based on regulatory direction contracts and other security engagements. 
Maintain regulatory evidence including policies, standards training and compliance monitoring. 
Represent GSS in audit actions. 
Conduct risk assessments to help prioritize security controls deployment and ensure compliance with corporate cybersecurity policies, US Government regulations and standards. 
Coordinate with others to create computer-based and instructor-led material to meet regulatory requirements on personal training related to information safeguarding.
Assessing impact and clearly communicating narrowly up to leadership and broadly to the greater organization relevant information and actions needed in relation to incoming or new information safeguarding requirements. 
Utilize common toolsets used to maintain a system of record for all System Security Plans (SSPs), Plan of Actions and Milestones (POAMs) and revise them on a regular cadence to ensure audit readiness.
Utilize SAFe Agile framework in Scrum and Kanban methodologies to manage workloads. 
Defense-in-depth methodology when assessing the effectiveness of controls, including how to apply a compensating control.
The ideal candidate will have:

Presentation skills to support communication to large organizations and VP level leadership alike using Teams, Skype, Power Point and including in person presentation of material on an ongoing basis
Influencing skills at all levels of the organization
Independently troubleshooting for successful problem resolution
Leadership, organization and communication skills
Information Security skills to support Risk Management leadership

Qualifications


You must possess the below minimum qualifications to be initially considered for this position. Qualifications listed as preferred or additional will be considered a plus factor for applicants.

Minimum Qualifications:

Bachelor's degree in Computer Science, Information Security or any other related field
3+ years of experience in the Information Technology (IT) industry or Government Support
Minimum 3 years of experience in:

IT Risk Assessment Methodology and how it applies to ensuring the confidentiality, integrity and availability of Corporate and third-party Information in an IT system
Information Security Policy authoring process

Preferred Qualifications:

Experience in/with:

Federal Contracting Industry resources to use for staying up with current and emerging Information Safeguarding regulation.
US Federal Acquisition FAR and DoD Federal Acquisitions regulation DFAR process including Prime Sub relationship and flow down of regulation.
Controlled Unclassified Information (CUI), International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR) classification frameworks and the relevant regulatory rules.
Information Safeguarding Regulations that Federal Contractors are subject to.
NIST Special Publication 800-171 regulation and NIST 800-171A readiness assessment and documentation methodology, including knowledge of System Security Plan and Plan of Action and Milestone creation.
Cybersecurity Maturity Model Certification (CMMC) regulation and accreditation process.
Support Federal Contract capture process with working knowledge of the Proposal Contract negotiation and Execute phases of contract lifecycle management.
Scan and extract to interpret and respond with redline any information safeguarding clauses from a US Government contracting instrument.
BAAs, RFPs, Contracts Task Orders, CDRLs.
Technical skills to support Assessment of controls
Security or Cyber certifications such as: CISSP, CISM, CEH, CCNA etc.

This position is not eligible for Intel immigration sponsorship.

Inside this Business Group
Intel's Information Technology Group (IT) designs, deploys and supports the information technology architecture and hardware/software applications for Intel. This includes the LAN, WAN, telephony, data centers, client PCs, backup and restore, and enterprise applications. IT is also responsible for e-Commerce development, data hosting and delivery of Web content and services.



Other Locations

US, Arizona, Phoenix; US, California, Santa Clara; US, Oregon, Hillsboro; US, Virginia, Fairfax