Title: Compliance and Security Specialist - L4
Job Title: Compliance and Security Specialist
Location: Milford, OH or Remote
Job Summary:
We are seeking a knowledgeable and experienced Compliance and Security Specialist to manage and support our security, risk, and compliance initiatives, including ISO 27001, NIST, CMMC 2.0, and CFIUS compliance, with a good understanding of relevant FAR & DFAR clauses. This role ensures that our organization adheres to information security best practices and regulatory requirements, particularly in sensitive areas involving national security and foreign investment.
Key Responsibilities:
Compliance Management:
Lead initiatives to achieve and maintain compliance with ISO 27001, NIST SP 800-53/CSF, and CMMC 2.0 (Levels 1–3).
Oversee compliance with CFIUS requirements for organizations subject to foreign ownership, control, or influence (FOCI).
Conduct gap assessments, risk assessments, and readiness reviews across compliance frameworks.
Support review of customer contract documents related to security and FAR / DFAR clauses.
CFIUS Oversight:
Manage and monitor compliance with mitigation agreements and security commitments imposed by CFIUS.
Maintain documentation and reporting required for CFIUS oversight and coordinate responses to information requests.
Audit & Certification Support:
Support external audits, assessments, and certifications (e.g., ISO 27001, NIST, CMMC).
Coordinate evidence collection and responses during audits and ensure timely remediation of findings.
Risk Management:
Conduct and document security risk assessments; maintain risk registers.
Work with technical and business teams to identify, prioritize, and mitigate risks.
Security Operations Support:
Ensure technical and administrative controls meet regulatory and contractual security requirements.
Collaborate with IT/security to implement, test, and monitor key security controls.
Training & Awareness:
Develop and deliver compliance and security awareness training.
Promote a security- and compliance-conscious culture throughout the organization.
Documentation & Reporting:
Maintain up-to-date documentation for policies, procedures, risk assessments, compliance evidence, and CFIUS obligations.
Generate regular compliance reports for internal stakeholders and regulatory bodies as required.
Experience: 5-8 years.
Expected annual pay for this role ranges from $60,000 to $135,000. Based on the position, the role is also eligible for Wipro’s standard benefits including a full range of medical and dental benefits options, disability insurance, paid time off (inclusive of sick leave), other paid and unpaid leave options.
Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.
Nearest Major Market: Cincinnati