Job Summary General Atomics (GA), and its affiliated companies, is one of the world’s leading resources for high-technology systems development ranging from the nuclear fuel cycle to remotely piloted aircraft, airborne sensors, and advanced electric, electronic, wireless and laser technologies.

We have an exciting opportunity for an IT Compliance Specialist to join our Information Technology Services (ITS) Information Assurance team in San Diego, CA.

Reporting directly to the Senior Manager of IT Governance, Risk and Compliance, this role will support the IT compliance activities of the organization. With general supervision, this position is responsible for supporting the development and implementation of cybersecurity compliance programs, and related procedures.

DUTIES AND RESPONSIBILITIES

• Develop, implement, and maintain IT compliance programs, policies, and procedures in accordance with relevant regulations, including but not limited to:
  • NIST Special Publications (e.g., NIST 800-171 Revisions 2, 3)
  • DFARS (Defense Federal Acquisition Regulation Supplement)
  • FAR (Federal Acquisition Regulation)
  • CMMC (Levels 1 through 3)
  • ISO 27000 Series
• Conduct regular internal assessments to evaluate the effectiveness of IT controls and identify areas for improvement.
• Manage external audits by government agencies (e.g., DCAA, DCMA) or third-party assessors.
• Work with IT, security, and other departments to ensure that systems and processes are designed and implemented to meet compliance requirements.
• Maintains knowledge of applicable policies, regulations, and compliance documents related to cybersecurity and information assurance.
• Participates in assessments of information technology systems; ensures periodic system security reviews are conducted and documented.
• Provides input to a cybersecurity awareness training program that is engaging and influences changes in employees’ behavior.
• Develops appropriate electronic and hard copy reports and records, including new or revised electronic or hard copy documentation.
• Create compliance related presentations to internal stakeholders as needed.
• Monitor changes in regulations and update policies and procedures accordingly.
• Serve as a point of contact for IT compliance-related inquiries
• Investigate and address any compliance violations or incidents
• Maintain the strict confidentiality of sensitive information.
• Embraces continuous learning with a passion to keep abreast of changes in regulatory and technology environments.
• Responsible for observing all laws, regulations, and other applicable obligations wherever and whenever business is conducted on behalf of the Company.
• Responsible for ensuring work is accomplished in a safe manner in accordance with established operating procedures and practices.

We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.

Job Qualifications:

• Typically requires a bachelor’s in computer science, information technology, or a related field and six or more years of progressive professional experience in information assurance or a related field. Equivalent professional experience may be substituted in lieu of education. CompTIA Security +, CISSP or higher certification strongly desired.
• Must have experience organizing, planning, scheduling, conducting, and managing work assignments to meet project milestones or established completion dates. Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes. Must be customer focused and possess:
• Identify issues, analyze data and develop solutions to a variety of technical and administrative problems
• Excellent analytical, verbal and written communication skills to accurately document, report, and present findings;
• Excellent interpersonal skills enabling an effective interface with other professionals; and
• Excellent computer skills.
• Familiar with:
  • Regulatory requirements that affect the Aerospace and Defense industry such as DFARS 252.204-7012, DFARS 252.204-7016 through 7020, and Cybersecurity Maturity Model Certification (CMMC).
  • International regulatory requirements that affect that Aerospace and Defense industry, such as UK Cyber Essentials, Canada Program for Cyber Security Certification (CPCSC), etc.
  • Applicable Artificial Intelligence (AI) regulations at local, state, federal and international levels
  • Internationally recognized standards, such as the ISO 27000 series
  • Privacy regulations, such as CCPA and GDPR
  • Utilizing tools to support compliance programs, such as GRC tools
• Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.
• Able to obtain and maintain, a security clearance at or above the Secret level.
• U.S. Citizenship is required

Salary:$81,080 - $141,650