Peckham - Staff

Information Security Compliance Analyst


Pay: Competitive
Location: Lansing/Michigan
Employment type: Full-Time

This job is now closed

  • Job Description

      Req#: R0007097

      *Staff positions are supportive roles providing support to our rehabilitation mission. Applicants for staff positions do not need to have a barrier to employment to be eligible for these roles.*

      Peckham Inc. - Information Security Compliance Analyst

      SUMMARY

      The Information Security Compliance Analyst supports the mission of the Information Security Team to protect the confidentiality of Peckham’s proprietary, customer, and employee information while defending technology systems against cyber threats to ensure the continuity of Peckham’s business operations. The Information Security Compliance Analyst plays a critical role in ensuring the organization's adherence to information security standards, policies, and regulatory requirements. They will be responsible for assessing and monitoring the organization's compliance with internal and external security requirements, documenting gaps, and identifying appropriate controls to mitigate risks.

      This role presents an excellent opportunity for an experienced information security professional who is passionate about compliance and risk management. If you are dedicated, detail-oriented, and thrive in a challenging environment, we invite you to apply for the position of Information Security Compliance Analyst. MUST be local to Lansing, MI.

      MAIN DUTIES AND RESPONSIBILITIES

      • Compliance Assessment: Under the direction of the Director of Information Security, conduct regular assessments to evaluate the organization's compliance with information security policies, standards, and regulatory requirements. This includes reviewing security controls, policies, procedures, and documentation.
      • Risk Identification and Mitigation: Under the direction of the Director of Information Security, identify and assess potential security risks and vulnerabilities to the organization's information systems, networks, and data. Develop and recommend preventive and corrective measures to mitigate risks and ensure compliance.
      • Regulatory Compliance: Stay abreast of relevant industry regulations, frameworks, and standards (e.g., CMMC, NIST 800 and CSF, and PCI), monitor changes, and under the direction of the Director of Information Security, ensure the organization's compliance with these requirements. Provide guidance and support to relevant stakeholders to facilitate compliance efforts.
      • Security Controls Implementation: Collaborate with cross-functional teams to design and develop security controls, policies, and procedures to safeguard the organization's information assets and maintain compliance.
      • Compliance Monitoring and Reporting: Conduct regular monitoring and audits to assess the effectiveness of information security controls, identify potential gaps or weaknesses, and recommend improvements. Prepare comprehensive reports detailing compliance status and present findings to the Director of Information Security.
      • Product Security Assessments: Utilizing established baseline product security questionnaires and assessment matrices, prepare security assessments of new products or services on an as-needed basis.

      OTHER DUTIES AND RESPONSIBILITIES

      • Incident Response and Investigation: When needed, support the incident response team in investigating security incidents, breaches, or violations.
      • Information Security Projects: As requested by and under the direction of the Director of Information Security, the Information Security Compliance Analyst will perform various tasks associated with the implementation of information security related projects.
      • Maintain a safe and clean work environment.
      • Promote Peckham’s vision, values, and services to all customers and stakeholders.
      • Assist in maintaining organization-wide quality standards.
      • Other duties as assigned.

      SUPERVISORY RESPONSIBILITIES

      • This position does not have direct supervisory responsibility.

      MINIMUM QUALIFICATIONS:

      • At least 5 years of experience within the information technology industry and at least 3 years of direct experience in information security compliance, governance, or risk management.
      • Must hold a current cybersecurity certification such as ISC2 CGRC or equivalent, and must maintain at least one approved cybersecurity certification throughout their tenure.
      • Must understand and practice the CIA Triad of Confidentiality, Integrity, and Availability in all aspects of their job duties.
      • The Information Security Compliance Analyst must have experience with vulnerability and compliance auditing and monitoring tools and security management tools to perform their primary job duties. Experience with the Tenable Vulnerability Management Platform and Microsoft Defender 365 is preferred.
      • Must be able to install software and maintain and secure their own computing devices and tools.
      • Be intimately familiar with the Microsoft Windows family of operating systems and at least one Linux or Unix distribution (Ubuntu, Kali, macOS, etc.).
      • Must be willing and able to travel to any Peckham location as requested by the Director of Information Security to conduct onsite assessments (typically annually).
      • Must be able to provide and maintain a controlled environment when working from home.
      • Must be comfortable with working independently in an isolated job setting.

      PHYSICAL AND MENTAL DEMANDS

      Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. The physical demands of this position may be reasonably accommodated for individuals with disabilities on a case-by-case basis.

      COMPETENCIES

      • The Information Security Compliance Analyst must possess strong written communication skills.
      • The Information Security Compliance Analyst must possess strong documentation skills.
      • The Information Security Compliance Analyst must be detail oriented and thorough.
      • The Information Security Compliance Analyst must understand, support, and practice process in all aspects of their job duties.
      • The Information Security Compliance Analyst must be able to compartmentalize sensitive information and employ the philosophy of need-to-know in all communications and disclosures.
      • The Information Security Compliance Analyst must be able to work independently and with minimal supervision within their assigned job duties without affecting quality, thoroughness, or timeliness.
      • Peckham is a dynamic and fast-paced organization. The Information Security Compliance Analyst must be flexible and adapt to changing conditions and multiple priorities on a regular basis.

      PHYSICAL DEMANDS

      The physical demands of this position may be reasonably accommodated for individuals with disabilities on a case-by-case basis.

      PECKHAM IS AN EQUAL OPPORTUNITY EMPLOYER

      EEO/AA Employer/Vet/Disabled. Peckham provides equal opportunities and does not unlawfully discriminate on the basis of race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, disability, genetic information, height, weight, marital status, veteran status, or any other characteristic protected by applicable federal, state, or local law.

      REASONABLE ACCOMMODATION FOR APPLYING NOTICE

      Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. If you require assistance or a reasonable accommodation to complete any part of your application, please:

      • Click HERE and you will be directed to the ILRU Directory to find an agency in your area that can assist you
      • Click HERE and you will be directed to the American Jobs Center (AJC) finder to locate a center near you
      • Email us at careers@peckham.org
      • Call us at (517) 316-4000
      • Visit us at: 3510 Capital City BLVD, Lansing, MI 48906 (M-F 8am - 4pm)

      Examples of reasonable accommodations may include making a change to the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

      Business Line:

      Peckham IT

      Location:

      Lansing, MI

      Worker Sub-Type:

      Staff Member
  • About the company

      Peckham, Inc., a nonprofit vocational rehabilitation organization, provides job training opportunities for persons with significant disabilities and other barriers to employment.
