Senior Infrastructure Security QA Engineer (34213-RKUL)

Job Summary

MathWorks has a hybrid work model that enables staff members to split their time between office and home. The hybrid model provides the advantage of having both in-person time with colleagues and flexible at-home life optimizations. Learn More: https://www.mathworks.com/company/jobs/resources/applying-and-interviewing.html#onboarding.

We are seeking a skilled Senior Security Compliance Auditor to join our dynamic team and assess compliance to NIST 800-171, NIST 800-53, and CMMC standards. This role involves evaluating our security controls, identifying areas of improvement, working with cross-functional teams to enhance our security posture, and participating in external audit and certifications.

MathWorks nurtures growth, appreciates diversity, encourages initiative, values teamwork, shares success, and rewards excellence.

Responsibilities

• Conduct comprehensive audits of security controls in accordance with NIST 800-171, NIST 800-53, and CMMC guidelines.
• Evaluate the effectiveness of security measures and identify areas for improvement.
• Ensure ongoing compliance with federal and industry standards.
• Develop and maintain documentation related to compliance activities and findings.
• Provide recommendations for risk mitigation and control enhancements.
• Assist in the development and implementation of security policies and procedures aligned with regulatory requirements.
• Support the lifecycle management of compliance-related documentation.
• Conduct training sessions to raise awareness about compliance requirements and best practices.
• Stay updated on the latest developments in NIST and CMMC standards.
• Work closely with cross-functional stakeholders across various departments such as IT, Engineering, HR, Legal to address compliance gaps.
• Communicate audit results and recommendations to stakeholders and senior management.

Qualifications

• A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.
• Candidates for this position must be authorized to work in the United States on a full-time basis for any employer without restriction.
• Visa sponsorship will not be provided for this position.

Additional Qualifications

• Strong knowledge of software development processes, on-prem and cloud-based infrastructure, cybersecurity, network security, risk management, application security, and third-party management.
• Proven experience in security compliance auditing and cybersecurity frameworks, particularly with NIST 800-171, NIST 800-53, and CMMC.
• Excellent analytical, problem-solving, and communication skills, with a demonstrated ability to collaborate across teams and roles.
• Relevant certifications such as CISA, CISSP, or CMMC-AB Assessor are preferred.