IT Compliance Analyst
Battelle is guided by a founding mission. We invest our knowledge, talents and resources, helping our customers achieve their most important goals. We apply scientific rigor and creativity, succeeding where others may fail, and we invest in our communities, making the world better for generations to come. All of us share a common purpose: to solve the greatest challenges of today and tomorrow.
Our 22,000 employees work at the forefront of scientific innovation to tackle critical challenges in security, human health, manufacturing, energy and environmental management. Battelle’s work is grounded in the belief that science, technology and a passion for excellence can make industries more competitive and the world a better place.
We are currently seeking an IT Compliance Analyst. This position located in Columbus, OH.
The position is in our IT Governance, Risk, and Compliance group. This position will report to the Manager of Governance, Risk, and Compliance. Minimal travel (< 5%) is required. This position is a full-time permanent role located in Columbus, Ohio.
The position leverages expert knowledge of standards, frameworks, and current industry best practices to develop new, or update existing, information security policy, evaluate compliance to established security standards, and advise peers and leadership on direction and interpretation. The analyst will work closely with all segments of IT, information security, facilities, and DR/emergency operations, personnel to ensure an appropriate, compliant, and achievable set of policies and frameworks for Battelle’s IT computing environment.
- Author, contribute to, align and publish IT policy, process, and standards
- IT point of contact for internal business areas and external auditors in support of financial and application system compliance and audit.
- Establish and maintain IT controls related to business applications and narrative details of those controls.
- Perform periodic review of existing Battelle Cyber Security policy, compare with comparable existing industry and Government frameworks, compare with Battelle’s security roadmap and goals.
- Work with internal lines of business to establish FISMA/NIST compliant networks to provide compute for executing the work of Battelle. Recommend upgrades and updates, track implementation of these items through completion.
- Work closely with Security Officer, cyber team, and all of Information Technology organization to ensure compliance, facilitate remediation, and facilitate continuous improvement.
- Perform analysis of existing or proposed systems to compliance to risk standards and industry frameworks
- Maintain close familiarity of industry practices and current trends.
- Other security related duties as assigned
THE FOLLOWING REQUIREMENTS MUST BE MET TO BE CONSIDERED FOR THIS POSITION:
- Must have a bachelor’s degree in Computer and Information Systems or equivalent
- Must have at least 8 years’ experience in IT security
- Must have direct experience in at least 3 of the following areas (areas for which you are an expert and for which you can develop policy and facilitate technical solutions):
- Expertise with IT Management and controls framework (such as but not limited to COBIT) that is reconcilable to COSO (strongly desired)
- Audit/compliance program experience in PeopleSoft or other industry leading financial system (strongly desired)
- Compliance with FISMA/NIST
- NIST 800-53
- DFARS 252.204-7012
- NIST 800-53 171 CUI
- Standardized risk assessments and POAMs
- Privacy, PII, PHI, and HIPAA
- Compliance with DCAA Policies
- Technical Controls
- Compliance with DOD Policies
- Must be an expert in written technical communications.
- Must have strong ability to understand goals, aversions, and needs of others from discussions and meetings and be able to provide compelling evidence to support the correct point of view
- Must be a US Citizen with the ability to obtain a US Government Security Clearance (Secret or higher)
THE FOLLOWING IS DESIRED BUT NOT REQUIRED TO BE CONSIDERED FOR THIS POSITION:
- Master’s degree preferred
- Broad experience which includes functional access in all areas noted above
- (strongly desired) CISA, CISSP, CRISK or other appropriate industry certification
- Experience with DLP, Firewalls, and IDS
- Legal background/understanding
Battelle’s competitive benefits program includes comprehensive medical and dental care, matching 401K, paid time off, flexible spending accounts, disability coverage, and other benefits that help provide financial protection for you and your family.
Battelle provides employment and opportunities for advancement, compensation, training, and growth according to individual merit, without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, marital status, age, genetic information, disability, military or veteran status, or any other protected classes covered under federal or applicable state and local law. Our goal is for each staff member to have the opportunity to grow to the limits of their abilities and to achieve personal and organizational objectives. We will support positive programs for equal treatment of all staff and full utilization of all qualified employees at all levels within Battelle.
For more information about our other openings, please visit www.battelle.org/careers.