Compliance & Security Analyst

Essential Duties and Responsibilities

• Architects and authors System Security Plans (SSPs), the "source of truth" for the client's security posture, detailing exactly how each

NIST 800-171

control is implemented.

• Develops and manages the Plan of Action and Milestones (POAM), tracking every deficiency and guiding the client's IT team through remediation.
• Drafts all formal security policies, ensuring they are not just "templates" but functional, defensible documents that reflect the client's real-world operations.
• Designs and facilitates annual Incident Response (IR) and Disaster Recovery (DR) tabletop drills.
• Leads the Evidence Collection phase, verifying that the client's logs and configurations meet the rigorous sufficiency standards of a C3PAO auditor.
• Demonstrates and actively promotes an understanding and commitment to the mission of Logicalis through performing behaviors consistent with the organization's values.
• Maintains a working knowledge of applicable Federal, State, and Local laws and regulations as well as policies and procedures of Logicalis in order to ensure adherence in a manner that reflects honest, ethical and professional behaviors.
• Supports and conducts self in a manner consistent with customer service expectations.

Supervisory Responsibilities This job has no supervisory responsibilities. Qualifications To perform this job successfully, an individual should be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Education/Experience/Technical Requirements/Certifications Equivalent combination accepted. Education

• Bachelor's degree in a related field.

Experience /

Technical Requirements:

Compliance Enclaves:

Advising on how to segment CUI to limit audit scope and cost.

FIPS 140-2/3

Validation:

Verifying that encryption modules (VPNs, Wi-Fi, Storage) meet federal standards.

Network Architecture:

Interpreting network diagrams and identifying gaps in boundary protection and data flow. Previous Network Engineer or Administrator experience is valued.

Log Logic:

Knowing exactly what a "passing" audit log looks like for MFA, access control, and system monitoring.

Framework Expert:

Mastery of

CMMC 2.0

(Level 2) and

NIST SP 800-171.

Technical Writing:

Superior ability to write clear, audit-proof documentation (SSPs, SOPs, and Policies).

• Knowledge of

SOC2, ISO

27001, HIPAA, or GDPR.

Certifications:

• CCP (CMMC Certified Professional)
• CISA
• Security + Other Skills and Abilities
• Ability to work with C-Suite Executives and across client technical teams throughout the consulting process.

Portfolio Management:

Proven ability to manage ~10 concurrent clients/projects without sacrificing quality or missing milestones.

• Ability to manage through high level of ambiguity and multiple requests from variety of sources.
• Ability to work on multiple projects simultaneously and translate business data into digestible information that improves corporate processes.
• Outstanding technical/business communication skills.

Physical Demands The physical demands described here are representative of those that should be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this Job, the employee is constantly required to sit, talk, see, hear, and use hands and arms. The employee is frequently required to stand; move about, climb steps or balance and stoop, kneel, crouch, or crawl. The employee may occasionally lift and/or move up to 10 pounds. The above statements describe the general nature and level of work being performed by individuals assigned to this classification. This is not intended to be an exhaustive list of all responsibilities and duties required of personnel so classified. Logicalis is an Equal Opportunity Employer. It is our policy to employ people who are qualified by reason of education, training, experience, and demonstrated performance. We value inclusion and belonging at our company. We do not discriminate on the basis of race, color, religion, national origin, sexual orientation, gender identity and gender expression, marital status, age, height, weight, disability, veteran status, or any other reason prohibited by applicable federal or state laws.

Salary Compensation Range:

$90,321 - $121,934To view the full job description, click here