GUARDIAN RFID is a technology company whose mission is to build and deploy technology that protects America's Thin Gray Line.
GUARDIAN RFID is one of the fastest-growing private companies in the U.S., making the Inc. 5000 in 2021, 2022, 2023, and 2024, and was nominated by KPMG as one of America's Most Innovative Companies.
From inmate tracking to inmate management, our industry-leading Cloud platform embeds business and artificial intelligence to digitally transform jails, prisons, and juvenile detention facilities of every size.
We are looking for a Security Compliance Manager responsible for ensuring GUARDIAN RFID adheres to all applicable regulatory and industry standards: conducting mock audits, performing gap analyses, implementing corrective actions, and managing attestations and certifications.
Specific tasks include, but are not limited to:
Regulatory Compliance: Keep up to date on federal and state regulatory changes and ensure the organization's cybersecurity practices comply with relevant laws and regulations.
Security Policies: Create and maintain policies to reflect the organization's cybersecurity requirements and practices.
Security Controls: Work with stakeholders to ensure controls are implemented to achieve control objectives enumerated in security policies.
Internal Audits: Plan and conduct regular internal audits to assess the organization's compliance with cybersecurity requirements.
External Audits: Work with external auditors and penetration testers to assess the organization's compliance with cybersecurity requirements.
Corrective Action Plans: Develop and oversee the implementation of corrective action plans to address gaps identified during internal and external audits.
Attestations and Certifications: Manage the process for achieving and maintaining relevant cybersecurity certifications and attestations, including, but not limited to, certain NIST and ISO certifications and SOC 2 Type 2 compliance.
Qualifications
Bachelor's degree with a focus in Computer Science, Information Security, Accounting, or Finance
5 years of experience in cybersecurity governance, risk management, and compliance
CISSP, CISA, or CISM certification
Requirements
Knowledge of at least two of the following frameworks: NIST 800-53, ISO 42001, SOC 2, and FedRAMP
Hands-on experience with at least one GRC tool
Benefits
Competitive salary and 401k (vests 100% upon enrollment) with employer match
Discretionary paid time off
Paid parental leave for all
Medical, Dental, Vision plans
Learning & Development programs
Term Life Insurance
Short Term Disability
Sick & Safe Time Off
Free lunch, snacks, and beverages in our offices
Free account