Security Partner for Finance, Legal, and Global Solutions at Novo Nordisk. Leading security initiatives to protect vital business processes with SAP technology.
About the role
- Cybersecurity Audit & Compliance Analyst leading management of comprehensive cybersecurity policies and validation of security controls. The role focuses on compliance and audit objectives within federal regulations.
Responsibilities
- Help formalize
- implement
- and maintain enterprise-level cybersecurity and data handling policies.
- Lead the review and socialization of security mandates to ensure cross-functional alignment with federal standards.
- Develop and maintain the System Security Plan (SSP)
- Security Assessment Reports (SAR)
- and associated artifacts to provide a rigorous
- defensible account of the security control environment.
- Support the execution of formal gap analyses and risk assessments across federal regulatory frameworks.
- Provide data-driven insights to mitigate vulnerabilities.
- Serve as a technical contributor for external federal audits and third-party assessments.
- Manage the end-to-end evidence lifecycle
- ensuring all technical artifacts are verified
- organized
- and available for regulatory review.
- Serve as a functional representative within the Incident Response (IR) team to document event timelines and post-incident reporting
- ensuring all federal reporting obligations are met.
- Oversee management of audit artifacts to ensure they meet requirements and are readily accessible on demand.
- Design and deliver technical cybersecurity training programs
- ensuring that the technical workforce understands their specific roles in maintaining our security authorizations.
- Support the cybersecurity team in the administration of security tools
- including Microsoft 365 Security and Purview
- to monitor data sensitivity
- review audit telemetry
- and validate that technical configurations consistently mirror established policy.
Requirements
- Bachelor’s degree in Cybersecurity
- Information Systems
- or a related field plus 2-4 years of experience in GRC
- Information Assurance
- or Technical Compliance within a federal-regulated environment.
- US Citizenship with the ability to obtain and maintain a US security clearance.
- Demonstrated experience in authoring formal cybersecurity policies
- procedural documentation
- and System Security Plan (SSP).
- Hands-on experience navigating security portals to pull telemetry and verify control status.
- Deep understanding of federal data protection standards and regulatory frameworks.
- Experience supporting the implementation or administration of advanced security tools such as Microsoft Defender for Endpoint (Plan 2) or Microsoft Sentinel.
- Relevant industry certifications such as Security+
- CySA+
- Microsoft SC-200
- CISA
- CCP
- CCA
- or CISSP.
- Familiarity with the NIST AI Risk Management Framework or general interest in the security governance of Generative AI.
Benefits
- TSC offers a stable work environment
- a competitive salary
- a comprehensive benefit package; including ESOP participation
- 401K Plan
- Flexible Work Schedules
- Tuition Reimbursement
- Co-Sponsored Health Plan
- Paid Leave
- and much more.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Client Technical Solutioner role at Kyndryl, working closely with customers to provide cutting - edge technical solutions. Collaborating on tailored solutions and leading profitable deals while ensuring customer satisfaction.
Lead information security for CxM Practice Area at Dentsu, embedding security in products and services. Collaborate with various teams to secure client solutions and maintain security integrity.
AWS Security Architect focusing on cloud security, collaborating with Information Security and Cloud Engineering teams at Ameriprise India LLP.
Lead the design and development of secure systems for clients in cybersecurity. Create innovative security solutions while overseeing integration of secure practices for critical infrastructure.
Senior Network & Security Engineer responsible for incident resolution and handling in Datacenter. Engage in installation, configuration, and maintenance of network and security infrastructure.
Product Security Engineer ensuring the cybersecurity posture of connected vehicle platforms by leading wireless penetration testing. Assessing vehicle systems to identify and mitigate security weaknesses.
Product Security Engineer at Rockwell Automation ensuring secure development practices and collaborating on security assessments. Involves securing products and features across the full software lifecycle.
Security Intelligence Expert focusing on corporate security intelligence for Corteva Agriscience. Identifying risks and managing investigations while building intelligence resources globally.
As Account Manager at Pref - Tech, manage and grow relationships with enterprise clients. Focused on account management and ensuring a smooth sales process through exceptional customer service.