Technology Compliance Consultant | Maine
At Systems Engineering, our mission is to enable the exceptional with our clients, employees, and the community.
As a result, we continue to invest heavily in being the premier technology employer in Northern New England. We are 100% employee-owned which gives us the unique opportunity to combine shared equity with empowerment to create an incredible career development opportunity.
We have an immediate opening for a Technology Compliance Consultant to join the growing Advisory Services team. Technology Compliance Consultants draw on technical, business, and managerial skills to help clients develop, improve, and execute their information security programs to support compliance initiatives and improve the overall security posture of organizations.
This role works highly independently with clients and internal resources to develop, track, and aid in compliance and governance programs on a recurring basis. You will work extensively with clients throughout New England to deliver professional consultative services in a variety of areas, including:
- Information security risk assessment information gathering, program development, and oversight.
- Business Continuity Plan development.
- Compliance and gap analysis with common frameworks and regulatory requirements (NIST Cybersecurity Framework, NIST 800-53, 800-171, NYS DFS, CMMC, etc.).
- Utilize Governance, Risk, and Compliance (GRC) tools to track and communicate compliance program status.
- Generation, analysis, and distribution of compliance state reporting & compliance activity tracking and planning.
- Provide technical vulnerability management support and guidance.
- Preparation of evidence for client compliance audits.
- Participation in, and leadership of, client security committees.
- Mentoring and training internal resources, and leading smaller projects.
- Take a strong leadership role with clients to facilitate the development of critical security documents, policies, and practices. This involves working directly with both all c-suite members and technical staff within a client organization.
- Develop and maintain information security, incident response, business continuity, and acceptable use policies for clients. Facilitate the creation and maintenance of these programs, identify compliance gaps, and contribute to risk assessments.
- Facilitate client Tabletop Exercises.
- Work with senior technology consultants to recommend changes to technology, procedures, and policies to secure client networks and meet compliance requirements.
- Identify and communicate recommended security and business continuity controls, plans, and deficiencies for clients. Provide clients with actionable reports.
- Provide input into the creation of detailed project plans, work assignments, and target dates for clients.
- Stay abreast of the ever-changing cybersecurity regulatory environment.
- Occasionally contribute to public or client-facing talks, conferences, or written work.
For immediate consideration, click here to apply.
What We’re Looking For
Technical Skills & Experience:
- BS or similar degree preferred. Progressively responsible experience in technology, IT security, consulting, or audit environments acceptable in lieu of formal education (3-5 years experience with a degree, 5-8 years without).
- CISSP/CCSP/CIPT or similar certifications are highly valued; pursuit may begin after hiring.
- Mastery of at least one cybersecurity compliance framework (CSF, 800-171, CIS, etc.).
- Experience with HIPAA, GLBA, PCI-DSS, GLBA, and/or CMMC compliance desired.
- Experience with cloud security technologies, namely Microsoft Office 365, is desired.
Technical Leadership Skills:
- Ability to distill complex technical information into broadly comprehensible concepts, and vice versa.
- Experience facilitating/conducting risk assessments and/or audits preferred.
- Must be an excellent written and oral communicator, ability to encourage critical thinking, and ask open-ended questions.
- Ability to lead a small cross-functional team with minimal direction or oversight.
- Project management, consulting, and audit experience are strongly preferred.
- Possess strong organizational, critical thinking, and analytical skills.
- Passion for security, compliance, and governance is required!
- This is a Hybrid role requiring a mix of in-office & onsite work at client locations & remote work, based out of our Portland, Maine office.
Our Benefits & Culture
Systems Engineering is located in the heart of the Old Port in downtown Portland, beloved for a lively arts & entertainment scene, and an abundance of local craft breweries. We are positioned centrally to the waterfront, trails, parks, and restaurants, and have been repeatedly voted one of Maine’s Best Places to Work. We pride ourselves on being active in the community and proud to be 100% employee-owned. It is a great place to work because the team cares about each other and the company’s future.
- ESOP (Employee Stock Ownership Plan) – Join our team of employee-owners and directly contribute to the strategic direction, growth, workplace culture, and future of the company.
- Employer 401k matching contributions.
- Competitive medical, dental, life, and disability insurance.
- Paid Time Off starting with 17 days PTO, nine paid holidays, two weeks paid parental leave, and paid community volunteer time.
- Engaging wellness programs, including onsite health coaching, fitness facility, and various company-sponsored teams and events.
- Career mobility, professional development, and training as well as certification opportunities.
- Dynamic, fun, and active community culture.
- Business casual work attire.
- Free paid parking in downtown Portland, just a couple blocks from our office.