Security Compliance Specialist II at Civis Analytics (Remote)

Sorry, this job was removed at 11:01 a.m. (CST) on Tuesday, December 6, 2022
Find out who’s hiring remotely
See all Remote jobs
Easy Apply
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

What we do

Civis Analytics, Inc. helps leading businesses, nonprofits, and governments use data to identify, attract, and engage customers, constituents, and citizens. With a blend of proprietary data, technology, and advisory services, and an interdisciplinary team of data scientists, developers, and survey science experts, Civis helps organizations stop guessing and start using statistical proof to guide decisions. Learn more about Civis at www.civisanalytics.com.

Our mission

Our mission is to bring objective, data-driven truth to organizational decision-making – all the way from the boardroom to the world’s largest social causes.

What we are looking for

Civis is seeking a Security Compliance Specialist II to join the Civis Information Security Team.  This position will work with the Director of Information Security to support compliance, risk management, and data governance activities across the business to meet key security program milestones and cost objectives. 

As a Security Compliance Specialist II, you will be responsible for Civis’s SOC2 and FedRAMP compliance, embedded across discrete business units, to ensure compliance objectives are met throughout the process, product development lifecycle, and service delivery. 

We are looking for an individual who is passionate about compliance and possesses both a broad control framework understanding and the technical acumen to enable a hands-on approach in guiding security best practices across engineering teams. An ideal candidate would bring with them expertise in creative problem solving, the ability to work on multiple tasks in parallel, and ability to manage expectations in a fast-paced environment, all while maintaining a high quality of work.

Responsibilities

  • Conduct compliance assessments of controls for in-scope systems, including remediation assessments and audit-readiness assessments.
  • Provide subject-matter expertise on SOC2/FedRAMP requirements and partner with technical teams to execute and monitor controls related to compliance initiatives.
  • Identify control deficiencies and maintain records of deficiency details, including management response documentation and exposure check evidence.
  • Drive remediation activities with stakeholders, including developing remediation plans, tracking, and reporting remediation progress.
  • Work with incident response (IR) team members as a communication commander to gather forensic evidence for investigations and remediation.
  • Perform continuous monitoring activities and track control health metrics. 
  • Support evidence collection/documentation and lead efforts related to internal and external audits, including FedRAMP/SOC2 Assessments.
  • Maintain FedRAMP Authorization package, including the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and other associated documentation.
  • Participate in Continuous Monitoring (ConMon) program and interface with FedRAMP customers and the FedRAMP PMO.
  • Perform continuous security audit, report findings and provide recommendations to the Director of Information Security.

Required Qualifications

  • Demonstrated FedRAMP Ready/ATO, SOC 2, NIST 800-53, NIST CSF assessment experience.
  • 3+ years of work experience with at least 2 years in security, with demonstrated accomplishment in assessments and controls.
  • Minimum one year of hands-on, practical experience in one or more security domains, e.g., Application, Cloud, Network.
  • Project management experience.
  • Ability to stay up to date and proactively informed on developing regulatory concerns and evolving compliance control solutions.
  • Excellence in documentation of policies, procedures, and guidelines.
  • Strong problem-solving and process improvement skills. 
  • Excellent verbal and written communication skills.

Preferred Qualifications

  • Hold any of the relevant certifications (CISSP, CISM, CISA, ISA, CIS, etc.).
  • Knowledge and experience working with Cloud technologies/environments, AWS, Azure, GCP or other related cloud experience.
  • Proficiency with Atlassian products Jira and Confluence.
  • Experience performing vendor due diligence.
  • Experience with performing risk analysis for systems, processes, third-party tools/applications and configurations.

Who we are

At Civis, we have opportunities for applicants who are newcomers, seasoned professionals, and anywhere in between. Our teams are energized by complex challenges and value diversity of thought. Opportunities to stand out and inspire happen daily and we trust and encourage you to act on your ideas – no matter how big they are. We offer you the tools and community you need to do your best work. Each of us is committed to holding ourselves accountable for results, challenging the status quo and finding new ways to grow our company and each other.

Why join our team?

  • The opportunity to be part of a growing tech startup focused on solving interesting and meaningful problems, invested in internal promotion, and committed to fostering a diverse, equal and inclusive workplace. 
  • Competitive benefits, including unlimited PTO, 401K match with immediate vesting, health, dental, and vision benefits, fully paid parental leave, breastfeeding support including breastmilk shipping services for traveling moms, commuter benefits, wellness initiatives including weekly group meditations, monthly on-site massage therapy, and pet insurance.

  • To support employees in our now fully remote work environment, we also have expanded our virtual journal and book clubs, Donut Pals (organized virtual coffee meet-ups), Lightning Talks (5-minute presentations on anything you’d like), Lunch-and-Learns, and HR Open Discussions (bi-weekly meet-up where we discuss ideas and topics of the day in a casual format). We are also able to support and accommodate flexible work from home schedules to help employees juggle responsibilities at home.

Civis Analytics embraces the individuality of our employees and we celebrate each other's differences. Our products, services, and culture benefit from and thrive on the unique perspectives brought by each person in our community. We're proud to be an equal opportunity workplace, and we are committed to equal employment opportunity regardless of race, age, sex, color, ancestry, religion, national origin, sexual orientation, gender identity, citizenship, marital status, disability, or Veteran status. If you have a disability or special need that requires accommodation, please contact [email protected]

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States.

EEO IS THE LAW

EEO Supplement

Pay Transparency


Read Full Job Description
Easy Apply
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • ReactLibraries

Location

As one of the popular hubs for tech startups, Chicago is the perfect backdrop for Civis's growing team.

An Insider's view of Civis Analytics

What's something quirky about your company?

One of my favorite parts about Civis is the culture of learning—talking about academic papers is encouraged as well as sharing weird facts about things people are interested in. I also love the people at Civis because they genuinely care about each other and also serving the wider world.

Evelyn

Software Engineer

What are Civis Analytics Perks + Benefits

Civis Analytics Benefits Overview

- The opportunity to be part of a growing tech startup focused on solving interesting and meaningful problems, invested in internal promotion, and committed to fostering a diverse, equal and inclusive workplace. 

- Competitive benefits, including unlimited PTO, 401K match with immediate vesting, health, dental, and vision benefits, paid parental leave, breastfeeding support including breastmilk shipping services for traveling moms, flexible work from home policy, commuter benefits, wellness initiatives including weekly group meditations, monthly on-site massage therapy, and pet insurance.

- Modern office, conveniently located in the Loop. Close to public transportation, great restaurants and beautiful city views.

Culture
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
Diversity, Equity, and Inclusion; Civis-for-Good; Reading Groups/Journal Clubs
Daily sync
Open door policy
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Documented equal pay policy
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Mean gender pay gap below 10%
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Disability insurance covers 60% of annual salary up to $6000 monthly maximum payout.
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
$50,000 life insurance benefit paid by Civis Analytics.
Pet Insurance
Wellness Programs
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Civis believes that if you are sick you should stay home. We have a flexible sick policy with no stated limits.
Perks & Discounts
Casual Dress
Commuter Benefits
Parking
Home Office Stipend for Remote Employees
Professional Development Benefits
Job Training & Conferences
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
Online course subscriptions available

More Jobs at Civis Analytics

Easy Apply
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
View Civis Analytics's full profileSee more Civis Analytics jobs