Apply on Employer Site

Ontic · 2 months ago

IT Governance Analyst

Creedmoor, North Carolina

Full-time

Hybrid

Mid Level

$105K/yr - $115K/yr

Ontic is a leading global aerospace OEM trusted by the world’s aviation leaders. The company is seeking an IT Governance Analyst to assist in developing and implementing IT and Cybersecurity frameworks while ensuring compliance with security regulations and standards.

AerospaceManufacturing

No H1B

U.S. Citizen Only

Responsibilities

Assist in the development and implementation of several IT and Cybersecurity frameworks across the enterprise

Ensure compliance with all relevant security regulations and standards

Monitor and report on adherence to governmental standards and security frameworks

Identify risks from non-compliance and recommend mitigation strategies to manage those risks

Implement mitigation strategies as directed

Work closely with stakeholders to ensure a unified approach to standard adherence

Assist and support in any audits of the company’s adherence to various security standards; Specifically, ISO27001, Cybersecurity Maturity Model Certification (CMMC), NIST SP 800-171, NIST SP 800-171A, NIST SP 800-172, Sarbanes Oxley (SOX), and others. Knowledge of EASA would also be useful

Influence the development of policies and procedures to ensure they contribute to the maintenance of various regulatory standards

Liaise with the Compliance department to ensure success across company boundaries

Stay current and up to date with frameworks including ISO27001, CMMC, NIST, SOX, and others

Successfully communicate identified risks to various stakeholders in a manner that they can most easily understand

Support the daily maintenance activities and response where necessary

Qualification

Governance frameworksRisk managementCybersecurity principlesCompliance regulationsMicrosoft 365ITAR regulationsCybersecurity assessmentsStakeholder engagementTechnical communicationProject management

Required

Strong understanding of governance frameworks and their implementation

Experience in risk management and compliance

In-depth experience with Microsoft 365 suite of tools

Strong understanding of cybersecurity principles, general knowledge of cybersecurity technologies, and industry-recognised certifications

Good understanding of ITAR rules and regulations

Ability to make recommendations to remediate complex security threats

General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved

Ability to be comfortable working on multiple, complex issues and projects within defined timelines

Demonstrated understanding of compliance regulations and Information Security control frameworks and standards (i.e., NIST, UK GDPR, FedRAMP, CMMC, ISO 27001, PCI, SOX, HIPPA)

Knowledge of physical cabling for network communications and control system Input/Output

Ability to introduce and explain highly technical topics to non-technical audiences

Benefits

Comprehensive medical insurance

Competitive PTO, holiday pay, and sick leave

Company 401K plan with up to 4% matched contribution

Annual bonus program (varies by level and discretionary based on company and individual performance)

Flexible working arrangements

Paid volunteering opportunities

Access to mental health champions across our sites

Commitment to development

Employee referral program

Company

Ontic

Ontic is a leading global aerospace OEM, providing complex engineered parts and repair services for established aircraft in the defense and commercial market.

Founded in 1951