CMMC Analyst

About usOne team. Global challenges. Infinite opportunities. At Viasat, we're on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We're looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.What you'll doWe are seeking an Information Security Analyst to help maintain a continuous state of compliance for the Cybersecurity Maturity Model Certification (CMMC) based on the NIST 800-171/172 set of controls. You will work within our greater security organization working with the business to implement, assess, and audit security practices and technical configurations to ensure compliance goals across the company. Your responsibilities include ensuring we are following applicable regulations and standards and ensuring proper security controls are operating effectively. You will also help develop performance metrics to measure our success. And as technology changes, you will be continuously tuning the program for optimal effectiveness.You are a self-starter, that can work independently, prioritize work based on the impact to the business, and manage multiple efforts simultaneously. You will possess a broad knowledge of modern technology and security best practices, superior analytical skills, attention to detail, and discipline to ensure consistency and accuracy. Excellent verbal and written communication skills are critical to build and maintain relationships with stakeholders.The day-to-dayCommunicating with internal customers across several product lines and technologies on compliance activitiesSupport engineering and IT requests related to security and compliance impacting changes within the target environments.Lead the resolution of identified information security and data risk issues.Leading the CMMC activities as the second line of defense, providing advisory activities for Company systems.Lead the maintenance of an asset inventory associated with the CMMC environment.Proactively evaluate proposed changes to CMMC environments to ensure they are implemented or isolated appropriately to avoid or mitigate risks.Assist in the development, maintenance and automation of security, risk, and compliance artifacts and documentation, including allexceptions and alternative controls implemented to address non-standard use cases.Lead audit support efforts from both regular internal and external audit requests.Interacting with auditors to resolve findings.Stay informed of industry changes, trends, and standards related to information security, including regular involvement in United States Government working groups including Defense Industrial Base (DIB) and National Defense Information Sharing and Analysis Center (ND-ISAC).Performing formal and informal risk assessments. What you'll need5+ years experience in the risk and compliance field focusing on ensuring that the company complies with federal, state and industry regulations and standards.5+ years experience working with NIST SP 800-53, NIST SP 800-171/172, or Risk Management Framework (RMF)including auditing and/or implementation of controls.Certified CMMC Assessor (CCA) or the ability to obtain certification upon hire.Ability to prepare disparate development teams for the rigors of IT framework controls.Deep understanding of laws and regulations related to enterprise security and risk.Broad knowledge of infrastructure, networking, security, and endpoint technologies.Excellent administrative and organizational skills with attention to detail and a high degree of accuracy, together with the ability to lead several simultaneous projects under deadline pressure.Exceptional interpersonal and communication skills, both oral and written; must be able to ask clear, concise questions involving complex technology to get requisite answers from business partners and colleagues.Experience with a GRC tool to optimize risk, compliance, and audit functions.Knowledge of security and compliance control implementation in both cloud and on-premise based technologies.U.S. Citizen Required.Ability to attain a US Government Secret Clearance.Ability to travel up to 10%.What will help you on the jobBA or BS in a related field preferred.Security and audit industry certifications including CISA, CIA, CISM, CISSP, SANS, CPA, etc.Previous experience as, or interacting with, a third-party audit team auditing PCI DSS, ISO27001, and/or IT SOX.Project Management experience.Experience with negotiation and problem/conflict resolution.Mature knowledge of information technology: applications, back-office integrations, operations, and key business processes is required.Salary range$113,000.00 - $178,000.00 / annually. For specific work locations within San Jose, the San Francisco Bay area and New York City metropolitan area, the base pay range for this role is $140,000.00- $210,000.00/ annuallyAt Viasat, we consider many factors when it comes to compensation, including the scope of the position as well as your background and experience. Base pay may vary depending on job-related knowledge, skills, and experience. Additional cash or stock incentives may be provided as part of the compensation package, in addition to a range of medical, financial, and/or other benefits, dependent on the position offered. Learn more about Viasat's comprehensive benefit offerings that are focused on your holistic health and wellness at https://careers.viasat.com/benefits.EEO StatementViasat is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, ancestry, physical or mental disability, medical condition, marital status, genetics, age, or veteran status or any other applicable legally protected status or characteristic. If you would like to request an accommodation on the basis of disability for completing this on-line application, please click here.