Job Description

###

Description

As a Security Compliance Analyst at VC3 you will play a critical role in the organization's overall security operations and regulatory compliance efforts, with a specific focus on achieving Key Performance Indicators (KPIs). You will work closely with cross-functional teams to assess, implement, and maintain security controls, policies, and procedures to ensure client systems and processes meet or exceed industry standards and regulatory requirements.

Our People:

Our team members are collaborative, positive, and dedicated to mutual success. Transparency isn't just a buzzword here; it's a commitment to open communication, ensuring every voice is heard and valued. Guided by our core values -- Passionately Curious, Own It, Go Beyond, and Serve as One -- we're here to create something extraordinary together.

Our Core Focus:

Our team members play a pivotal role in our focus: Serving those who serve with technologies for today and tomorrow that make life safe and simple. With nearly 30 years of specialized expertise, our team goes beyond conventional boundaries, delivering tailored managed services and cybersecurity solutions to our clients.

Your Growth:

We are a growth minded organization that prioritizes development, offering numerous opportunities for career advancement. Rooted in our core value of being Passionately Curious, VC3 offers a dynamic learning environment, emphasizing hands-on experiences and formal development programs that celebrate continuous learning to propel your career forward.###

Key Responsibilities

Understand and follow "The VC3 Way". This is our set of standards and processes that produce a predictable result for the client. You must be aware of and maintain our standards Conduct internal VC3 security audits and assessments to identify vulnerabilities, weaknesses, and non-compliance issues. Report identified audit exceptions to the security team leadership Collaborate with teams to develop and update security compliance policies, procedures, and guidelines in accordance with industry best practices. Provide recommendations to security leadership for policy improvements that will reduce risk and align VC3 to industry standards Develop a process and collaborate with the administration team for maintaining CJIS certification status of VC3. Maintain and gather information current and future state regulations for CJIS certification. Interact with state agencies as necessary Conduct client risk assessments to identify potential security risks and develop mitigation plans. Identify and create remediation plans to reduce identified risks and audit exceptions. Collaborate with security, service delivery and strategic advisors to present assessments to clients and develop a schedule of remediation Monitor and interpret relevant client regulations, standards, and frameworks (e.g., GDPR, HIPAA, ISO 27001, CMMC, FISMA, CJIS) to ensure our organization's client compliance. Communicate changes to security team leadership, service delivery and client strategy teams Maintain accurate records and documentation related to security compliance activities, including audit reports, policies, and incident reports Generate and deliver client compliance and security reports to security team leadership and relevant stakeholders, ensuring timely reporting to clients Continuously evaluate and improve compliance process improvement, driving down the required time to complete client audits Look for and recommend automation opportunities with current and/or new systems to drive efficiency Provide recommendations and assistance in tool (Cynomi) development and implementation

Additional Responsibilities:

Collaborate with AST teams and Strategic Advisors to help clients achieve improved regulatory compliance and to provide information regarding current compliance state Maintain accurate and real time timesheets, record complete and accurate notes of communication with clients Receive mentoring and feedback from peers and others Where appropriate, escalate complicated issues to a senior resource or other appropriate teams Review Tickets with Manager Actively Participate in Team Huddles, L10 Meetings, One on One Meetings, and any other Team Meetings Create and update documentation when changes or occur, or when discoveries are made Attend monthly training & team meetings as required Additional duties as required


###

Skills, Knowledge and Expertise

Good problem solving and decision-making skills; ability to understand and analyze complex issues Self-motivated, detail orientated, highly organized and able to handle a variety of tasks and responsibilities in an efficient manner with a high level of quality Possess strong oral and written communication skills and be comfortable interfacing with client executive teams Process driven with high attention to detail and excellent follow through skills Professional demeanor and outstanding client service skills Strong work ethic with a desire to learn, grow, and develop new skills Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent work experience) Certification in relevant security and compliance standards (e.g., CISSP, CISM, CISA) is a plus Knowledge of security standards, frameworks, and regulations (e.g., ISO 27001, NIST, GDPR, FISMA, CMMC) Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work collaboratively in a cross-functional team environment Attention to detail and a commitment to upholding the highest standards of security and compliance


###

Additional information you will want to know:

Applicant selected will be subject to a criminal and department of motor vehicles background checks and must meet Criminal Justice Information Systems (CJIS) requirements post-employment VC3 offers a comprehensive benefit package and 401K/RRSP company matching

Thank you for your interest in VC3. We appreciate all applications; however, only those candidates selected for an interview will be contacted.

###

About VC3

VC3 offers Managed IT Services, Private Cloud Services, Hosted VoIP, Custom Web Applications, SharePoint Consulting, and Website Design & Hosting.



VC3 has more than 25 years of experience providing a full range of Information Technology Solutions and Services to hundreds of municipalities and organizations throughout the United States and Canada. The technologies needed by our customers have changed many times over the years, but our focus has always stayed the same: connect the best technologies with our experienced and talented engineers, programmers, web designers and support specialists to deliver solutions that take our customers to the next level of productivity and results.



We pride ourselves on making IT personal, making IT easy, and getting IT right. And it all starts with our talented team that is committed to raising the bar.