CACI International Cyber Risk and IT Compliance Analyst in Oklahoma City, Oklahoma
Cyber Risk and IT Compliance Analyst
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: None
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
What You’ll Get to Do:
CACI is seeking an experienced Cyber Risk and IT Compliance professional to join our IT Assurance and Compliance Team within the Office of Enterprise Services. As a Cyber Risk and Compliance Analyst, the individual will work closely with system, process, and control owners across the organization to maintain effective, cost efficient, and consistent IT control processes across multiple regulatory requirements.
More About This Role:
Coordinate, facilitate, and supervise compliance and assurance processes, including ISO 27001 internal assessments, internal and external IT SOX and special audits, and third-party compliance assessments for IT-relevant services (including NIST SP800-171 and CMMC).
Execute corporate and program-specific system security plan (SSP) reviews and associated NIST SP800-171a assessments.
Monitor remediation and corrective action plans at the Corporate and program enclave level.
Develop and maintain guidance and compliance-related resources and documentation such as system security plans, policies, and procedures.
Communicate and collaborate with IT teams to improve security compliance, manage risk and effectiveness of the systems control environment.
Build and maintain strong relationships while regularly working alongside IT and cross-functional personnel at all levels in the organization.
Assist with IT special projects as needed.
Research and remain current on IT regulatory requirements (SOX, SEC) and gain exposure to cybersecurity practices (NIST 800.X) and industry regulations (DFARS, CMMC).
Continuously grow and learn as technologies and regulatory environments evolve.
You'll Bring These Qualifications:
Bachelor’s degree in Auditing, Management Information Systems, Information Assurance, Cybersecurity or related area.
5+ years of Information Technology Auditing or Consulting work experience.
Experience leading, coaching and training others as a team leader, or formal supervisor experience.
Experience with COSO, CoBIT, DFARS 252.204-7012, ISO 27001, NIST SP800-171, and/or Sarbanes Oxley (SOX).
Experience leveraging auditing principles and methods to evaluate policies, processes, and systems to identify risks and control gaps.
Experience documenting, understanding, and evaluating IT governance and risk management concepts and IT general controls and practices, such as IT infrastructure, cybersecurity, change management, and application control processes.
Experience analyzing, evaluating, and flowcharting procedures, processes, and controls for compliance with company policies and government regulations.
Ability to identify risks and propose feasible and effective solutions, and document and communicate findings and recommendations to management.
Clear articulation and exceptional written and verbal communication skills.
Strong people skills and ability to work collaboratively and cooperatively with external auditors/assessors and employees irrespective of their status in the organization.
Strong organizational and project management skills, including ability to multi-task with shifting deadlines.
Ability to work independently, with minimal direction in a complex environment.
Must be able to obtain a Secret security clearance.
These Qualifications Would be Nice to Have:
CISSP, CIA, CISA, CRISC and other certifications
Experience in a regulated industry such as Government Contracting
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.
As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.