Sr. Analyst, Cybersecurity Risk & Compliance
Sr. Analyst, Cybersecurity Risk & Compliance
Posted on :
08-06-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Posted on :
08-06-2025
Job Description
Aversan Inc. ( ) is a trusted multi-service engineering and electronics manufacturing company. Aversan delivers leading-edge and reliable safety-critical electronics and software systems to the aerospace defense and space industries.
We are seeking a Senior Analyst Cybersecurity Risk & Compliance. to support and help lead the Risk & Compliance function with a primary focus on maintaining our ISO 27001 certification and supporting our obligations on NIST 800-171. The right candidate will support Risk and Compliance program which includes Governance Risk and Compliance (GRC) and Third-Party Risk Management (TPRM) bring structure to our processes and help stabilize and scale the function
Key Responsibilities:
Basic Qualifications:
We are seeking a Senior Analyst Cybersecurity Risk & Compliance. to support and help lead the Risk & Compliance function with a primary focus on maintaining our ISO 27001 certification and supporting our obligations on NIST 800-171. The right candidate will support Risk and Compliance program which includes Governance Risk and Compliance (GRC) and Third-Party Risk Management (TPRM) bring structure to our processes and help stabilize and scale the function
Key Responsibilities:
- Contribute to all ISO 27001 activities including internal audit readiness external recertification and ongoing control maintenance.
- Support NIST 800-171 compliance efforts including maintenance of System Security Plans (SSPs) Plan of Action and Milestones (POA&Ms) and gap assessments.
- Have working knowledge and able support GDPR NIST CSF CMMC TISAX ITAR and AI related compliance as well as the ability to gain knowledge on future certification and regulation requirements.
- Assist in engagement with government compliance stakeholders and maintain awareness of requirements.
- Maintain the Risk Register and track mitigation progress across all functional areas.
- Coordinate the Security Exception process ensuring proper documentation approvals and governance.
- Including vendor assessments reviews remediation follow-up and monitoring.
- Write and update policy and standards and provide governance oversight and assurance.
- Administer GRC/TPRM tooling (ZenGRC) and ensure evidence management and workflows are maintained and audit-ready. Have an understanding or ability to use ServiceNow and AuditBoard risk management products.
- Prepare audit documentation and assist with responses for internal and external audits.
- Draft and maintain clear consistent and audit-ready documentation including policies control responses and program updates.
- Support customer assurance efforts related to ISO NIST and general cyber compliance.
- Lead internal audits and assessments
- Help implement scalable repeatable governance processes for policy and standard creation and lifecycle management.
- Assist in developing compliance procedures checklists and review frameworks.
- Support workflows for User Access Reviews (UAR) TPRM and continuous monitoring.
- Work cross-functionally with Aptiv Cybersecurity IT Legal HR and Engineering across Aptiv HellermannTyton Winchester and Intercable.
- Support communication and coordination with external auditors and internal stakeholders (including Primary Security Officer Aptiv Legal WR and Aptiv leadership).
- Support Cybersecurity Training
Basic Qualifications:
- 5 years of cybersecurity compliance or GRC experience
- Familiarity with ISO 27001 NIST 800-171 and enterprise GRC operations
- Strong writing skills with experience contributing to SSPs and POA&Ms
- Working knowledge of ZenGRC or similar tools
- Demonstrated ability to work across matrixed teams
- Experience with customer audit responses and regulatory compliance
- Experience supporting government-mandated compliance frameworks
- Involvement in ISO 27001 recertification efforts or similar standards
- Experience with third-party risk tools (e.g. BlueVoyant BitSight)
- U.S. citizenship required due to regulatory requirements
Required Experience:
Senior IC
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
