Compliance Associate

Location: Michigan, USA

 

Passion4Tech + Creativity + Fun =
Systems X Team Member

ABOUT YOUR ROLE WITH US

As a Compliance Associate, you will primarily support our awesome customers with their compliance initiatives and overall IT security posture. You will conduct cyber-risk management reviews to identify gaps against compliance frameworks such as DFARS 254.204-7012, NIST 800-171, and CMMC. This position requires that you provide first-level client support in a professional, cheerful manner to ensure a clear understanding of the issue and the next steps for resolution.


 

REASONS TO JOIN OUR TEAM

OUR CUSTOMERS

Your contributions will have a direct impact on our customers. Many of them are among the best in their industry. Your involvement will give you tremendous insight and knowledge on how we help them leverage their technology to fulfill today’s digital transformation initiatives.

CHALLENGED AND NEVER BORED

Systems X is not limited to one industry or geographic location. We have separate lines of business that support all company sizes, from SMB to Fortune 500, in the industrial, health care, services, and financial sectors worldwide. You will have the opportunity to experience different company cultures, processes, and emerging technologies. You will get to meet and work with talented people who share your purpose and have fun doing it.

YOUR SUCCESS IS OUR SUCCESS

As one of our team members, you will never be alone in tackling challenging activities. We are ONE, and as such, we help each other continuously to ensure everyone succeeds so that we continue to earn our customers’ trust and provide them with unmatched value. You will be a respected team member, encouraged to think and contribute with an entrepreneurial mindset, and you will find support every step of the way. Everyone at Systems X is committed to serving each other!

THE SYSTEMS X FAMILY

Our culture is centered around inclusion, respect, and service to each other. Together, we have built our business to provide a sustainable work environment with an adequate life balance each team member deserves. There is genuine care here where lasting friendships are conceived. Laughs and great conversations are encouraged. Everyone works hard, and that commitment is rewarded by the customer and peer respect. Our open-door policy keeps us true to our values, and we proceed with all we do transparently to benefit from everyone’s input. We are ONE.

THE BENEFITS!

We enjoy a flexible working environment in a relaxed setting. Yes, we party to celebrate accomplishments, and we have lots of surprise lunches. Our VIP lounge is the perfect place to chill and engage your peers in conversation. Your pay is competitive, and your healthcare benefits will ensure you can rest easy if you need care for yourself or your family. Enjoy a well-deserved paid vacation and ramp up on those days quickly too! No more waiting years and years for a measly extra day! Roll over your 401(k), or let’s get you started on one so you can one day sit back at the beach and be an angel investor.

  • 401(k) with matching

  • Health Insurance (BCBS of Michigan)

  • Dental & Vision Insurance

  • Health savings account

  • Life insurance

  • Salary Position with Paid time off

  • Professional development assistance


 

YOUR IMPORTANT ROLE

As a Compliance Associate, you will participate in several activities that support the implementation of compliance frameworks that optimize IT security.

This includes:

  • Analyze technical controls to ensure specific security and compliance requirements are met by verifying documented processes, procedures, and standards to validate the management of secure configurations.

  • Identify, document, and report control failures and gaps to client stakeholders. Provide remediation guidance and prepare progress reports to track the implementation of remediation tasks.

  • Educate, advise, and serve as a resource on cybersecurity assessment functions for our clients.

  • Track client compliance across NIST and CMMC frameworks and maintain up-to-date records of requirements, outstanding items, and/or corresponding mitigating controls.

  • Establish key performance metrics for clients to track and ensure compliance with established policies and standards.

  • Manage third-party risk assessments and assist in performing internal risk assessments.

  • Create, update and maintain guides, policies, and training materials for cybersecurity-related processes and changes.

  • Support the development of cybersecurity processes and procedures and the creation and maintenance of supporting documentation to ensure controls are managed and maintained.

  • Remain current on best practices and technological advancements and act as a technical resource for cybersecurity assessment and regulatory compliance.

  • Collaborate on critical client IT projects to ensure cybersecurity policy/risk issues are addressed throughout the project life cycle.

  • Support the development and administration of the client's Cybersecurity and Awareness Training program.

  • Participate in the client's IT change management process to ensure cybersecurity/risk compliance.

  • Work with the Cybersecurity team to provide guidance, recommendations, and oversight for the identification, triage, and response of security events or incidents for diagnosis of possible breaches.

This may also include:

  • Keep the managed services group apprised of impending areas of concern, verbally and in writing.

  • Assist and mentor new team members as needed.

  • Dark web research.

  • Compile documentation that supports program implementation and management.

  • Management of internal SIEM, EDR, SOAR, and data loss prevention platforms.

  • Support the creation of video content as needed.

 

TECHNOLOGIES YOU WILL USE HERE

  • Compliance Portal.

  • Service Desk Portal.

  • Penetration testing software.

  • Remote Access Tools.

  • FedRAMP-approved GovCloud platforms.

  • Cloud-based Project Management and Collaboration tools.


 

KNOWLEDGE & SKILLS NEEDED FOR THE ROLE

  • Bachelor's Degree in Information Technology or equivalent technical experience.

  • Knowledge of DoD or Federal Government, cybersecurity, and security frameworks (DFARS 254.204-7012, NIST 800-171, and CMMC 2.0).

  • Ability to collect data, establish facts, and identify trends and variances.

  • Ability to demonstrate initiative and meet deadlines.

  • Interpersonal skills, such as telephony skills, communication skills, active listening, and customer care.

  • Solid problem-solving, organizational, and analytical abilities.

  • Team player with the ability to build strong peer and interpersonal relationships.

  • Work independently or in a lead consultant capacity on client projects.

  • Self-starter with a sense of urgency and a propensity for continuous learning.

  • Ability to travel to customer locations as needed up to 5-10% of the time.

  • Skills in diagnosing cyber threats and network vulnerability issues.


 

IMPORTANT FOR YOU TO HAVE

  • One (1) to two (2) years of experience working in an IT security and compliance role.

  • Experience with CUI, DFARS 254.204-7012, NIST SP 800-171, and CMMC 2.0.

  • Experience with security information and event management (SIEM) and security orchestration, automation, and response (SOAR) tools.

  • ITIL V3 Service Operation knowledge.

  • This position requires a high level of interaction with clients. You must be a patient listener as well as an effective communicator.

  • Typing skills to ensure a quick and accurate response to threat activities.

  • Understanding of support tools, techniques, and how technology is used to provide IT services.

  • Project Management Skills.

  • A high degree of accuracy and attention to detail. 

  • Troubleshooting fundamentals.

  • Ability to maintain confidentiality.

  • Excellent organization and documentation skills.

  • Must be comfortable with video conferences.

  • US Driver's License.

  • US Citizenship is required.

  • Must be able to obtain Secret level security clearance through the US Defense Counterintelligence and Security Agency.


 

CANDIDATE PRIORITY CRITERIA

  • Three (3) plus years of experience working in an IT security and compliance role. 

  • Security+ Certification.

  • Experience in IT Service Management and knowledge of tools (PowerBI, etc.)

  • A preference for individuals who have already worked in an IT Managed Service Provider environment.

  • Fluency in other languages, such as Spanish, is a plus.


 

IMPORTANT TO KNOW

  • Your Reporting Location is Chesterfield, Michigan.

  • You will contribute during a 40 Hour Work Week.

  • A background and drug screening check will be conducted if an offer of employment is made.

  • We offer a flexible working environment, and all positions are hybrid capable.

  • We offer a strong platform for growth that enables professional and salary advancement.

    • There are many opportunities for professional development paths within Systems X, such as advanced consulting, project management, advanced software development, and more!


 

HIRING PROCESS TIMELINE

  • We’ll be accepting applications for this position through the end of the year.

  • The initial interview will be conducted via video conferencing.

  • You will be contacted via e-mail if you are considered for the position, and your interview will be scheduled within one week of our notice.

  • Follow-up interviews will be conducted onsite.

 

Apply for the position today!