Title: Information Security Compliance Analyst
Location: Remote (US based)
Additional locations may include Clayton, MO (hybrid schedule)
Focus: The Information Security Compliance Analyst is responsible for performing and assisting in various cybersecurity-related risk assessments and audits as well as maintaining internal team documentation. You will have the opportunity to partner with internal and external stakeholders to bring efficiency and process improvements into annual compliance audits as well as support ongoing team needs. In this role, you will need to be able to take complex technical topics and summarize them in a comprehensive way that will lead to building repeatable processes.
Salary: $85,500 - $129,500
Essential Job Functions:
- Perform and manage assessments of IT processes, risk, controls, and compliance against leading practices, industry standards, and frameworks
- Investigate and resolve compliance problems, questions, or complaints received from other units of the company, customers, government regulatory agencies, etc., and communicate issues and recommendations to key stakeholders
- Maintain Systems Security Plans and Corrective Actions Plans for regulatory compliance
- Assist with the implementation of policies and procedures and perform sample-based testing and manage associated evidence to ensure compliance with the appropriate statutes and regulations
- Support Corporate Audit, Global Security Exception Management, Global Third-Party Risk Review, and GRC Platform Management
Minimum Requirements:
- Bachelor's Degree; Computer Science, Cybersecurity, Risk Management, Accounting/Finance, or related field preferred
- Minimum of 3 years of experience in IT audit
- Experience independently evaluating security controls over IT processes
- Ability to effectively communicate security-related concepts to a broad range of technical and non-technical professionals
- Excellent analytical skills with the ability to manipulate and comprehend large data sets and explain data/concepts in a clear and concise manner
- Experience using Microsoft Office software (Word, Excel, PowerPoint, Outlook, Teams)
- Up to 20% travel may be required
- This position requires access to ITAR controlled technical data, and as such, employment will be contingent upon the candidate's ability to access ITAR controlled technical data pursuant to an export license approved by the Directorate of Defense Trade Controls, if required
Preferred Qualifications:
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), GIAC (Global Information Assurance Certification)/GSNA (GIAC Systems & Network Auditors) or other similar certification
- Knowledge of core IT and Security infrastructures including Active Directory, Microsoft Windows security controls, Azure, SIEM, AV, IPS, vulnerability scanners, etc.
- Experience or working knowledge of: General Data Protection Regulation, Defense Federal Acquisition Regulation Supplement, Chemical Facilities Anti-Terrorism Standards or US Coast Guard Maritime Security Standards, and NIS2 Directive
- Experience implementing NIST 800-171 information security controls
- Working knowledge of NIST 800-53, NIST 800-171 and the Cybersecurity Maturity Model Certification (CMMC)
Olin is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.