Senior Cybersecurity Compliance Analyst

About Maxar Intelligence

Maxar Intelligence is a provider of secure, precise, geospatial intelligence. We deliver disruptive value to government and commercial customers to help them monitor, understand, and navigate our changing planet. Our unique approach combines decades of deep mission understanding and a proven commercial and defense foundation to deploy solutions and deliver insights with unrivaled speed, scale, and cost effectiveness.

Role Overview

The Senior Cybersecurity Compliance Analyst will join a well-rounded, creative, and inspired Cybersecurity Risk and Compliance team (part of the office of the CISO) to support a variety of exciting business initiatives that span both the commercial and US Government businesses. At Maxar we take space exploration, humanitarian efforts and protecting the planet seriously. In this role, you will be part of a team leading and providing direction on cybersecurity best practices as they relate to NIST/CMMC compliance and will be acting as an advocate for Cybersecurity policies and standards to directly contribute to Maxar’s amazing mission.

Employment Type: Full time

Location: Westminster, CO office, Herndon, VA office, or Remote

What You’ll Be Doing

• Work collaboratively with business owners to maintain NIST 800-171/CMMC compliance by performing risk and control maturity assessments; targeting information systems that process, store, and transmit company and customer information.
• Provide cybersecurity risk consultation to internal teams focused on the alignment of information system design and implementation to the underlying cybersecurity control requirements.
• Assist with answering client security questionnaires and evaluating compliance with regulatory and contractual requirements.
• Provide more robustness to our existing TPRM (Third-Party Risk Management) program and be hands-on in planning and executing TPRM engagements.
• Participate in the creation and maintenance of Cybersecurity documents (policies, standards, guidelines, and procedures).
• Contribute to the Cybersecurity education program.

Minimum Requirements

• Must be a U.S. Citizen.
• Requires a minimum of 8 years of progressive Cybersecurity and Compliance experience.
• In-depth knowledge of Cybersecurity, regulatory governance, and IT security practices.
• Experience documenting and maintaining Cybersecurity guidelines, policies, and standards.
• Experience performing Security Risk Assessments based on common control frameworks: e.g.: NIST SP 800-171/171a, NIST SP 800-53/53a, ISO27001 and SOC2.
• Strong verbal and written communication skills, with demonstrated ability to effectively present material to a variety of technical and non-technical audiences.
• Experience leveraging GRC tools to automate third-party risk reviews; including risk register integration and workflows to track ownership, progress and closure.

Preferred Qualifications

• Bachelor’s degree or four relevant years of experience may be substituted for a degree.
• Strong ability to think strategically about business, products, and technical challenges.
• Experience analyzing business or technical problems and proposing and implementing solutions.
• Knowledge of networks, operating systems, applications, and cloud services.
• Familiarity with security frameworks and various compliance requirements; including: ISO27001, SOC2, NIST, CMMC.
• Knowledge of OWASP/SAMM
• Experience with third-party risk and M&A Cybersecurity assessments
• Certification related to Cybersecurity (e.g., CISSP, CISA, CISM)

What’s In It For You

There is a reason we boast awards like Best Employer, Best Place to work, Top employer, candidate experience winner. Our strength is in our people. Each team member makes a unique contribution to our collective mission.

• Health, Vision, Dental Insurance, and Employee Assistance Program
• 401K, with matching and immediate vesting
• Health Savings Account (HSA)/Flexible Spending Accounts (FSA) Options
• PTO, 10 Holidays, and Sick Time
• Maternity