*Join our team and help shape Benchmark's global cybersecurity future!*

The Cyber Security Compliance Lead supports the organization's cybersecurity integrated risk management & compliance program by ensuring adherence to regulatory, contractual, and internal security requirements. This role conducts control assessments, facilitates audits, drives audit remediation, provides input to cybersecurity policies and procedures, and supports evidence collection across the NIST CSF, NIST SP *, CMMC, SOX, and broader customer and regulatory frameworks. The lead will maintain a strong security posture through continuous monitoring, documentation, and coordination with IT, legal, security engineering, and business stakeholders.

*Key responsibilities:*

*1. Cybersecurity compliance & control assessments*
- Perform internal security control assessments validating adherence to internal cyber security/IT policies while meeting external framework requirements: NIST SP *, CMMC, ISO, SOX & others.
- Partner with Corporate Internal Audit to drive awareness of SOX IT controls and ensure remediation plans are closed on time.
- Assist in maintaining evidence repositories for audits, including SSP updates, POA&Ms, and continuous monitoring artifacts.
- Support governance activities aligned with NIST CSF functions (Govern, Identify, Protect, Detect, Respond, Recover).

*2. Regulatory & customer contractual requirements adherence*
- Support responses to customer cyber/compliance inquiries and security questionnaires.
- Lead external certification assessments and establish a plan of action (POAM) (e.g., CMMC).
- Gather audit evidence for government, customer, and third-party cyber assessments.
- Track remediation of identified compliance gaps and ensure timely closure.
- Ensure policies have proper traceability to operational controls and support "be-audit-ready" documentation.

*3. Continuous controls monitoring & reporting*
- Establish a mechanism to monitor and report security control effectiveness, and coordinate with technical teams to track remediation actions.
- Partner with the cyber governance lead to establish and manage policy compliance metrics.
- Support ongoing risk assessments, vulnerability reviews, and asset classification activities.
- Assist in conducting supplier or third-party cybersecurity assessments when required.

*4. Policy, standards & procedures support*
- Assist the cyber governance team in reviewing, updating, and maintaining cybersecurity policies, standards, and procedures.

*Requirements:*
- Bachelor's degree in cybersecurity, IT, risk management, or a related field.
- *5+ years of experience* in cybersecurity governance, risk, compliance, or similar roles.
- Experience working with NIST frameworks (NIST CSF, NIST SP *, NIST SP *).
- Experience collaborating with executive leadership on cybersecurity and enterprise risk topics.

*Skills & competencies:*
- Strong understanding of cybersecurity controls, risk methodologies, and compliance requirements.
- Ability to perform control testing and document evidence clearly.
- Proficiency in governance tools or GRC platforms.
- Excellent communication and documentation skills for compliance and audit activities.
- Detail-oriented and capable of managing multiple workstreams across teams.

*Preferred certifications:*
- SOX IT and cyber internal auditor
- Certified Information Systems Auditor (CISA)
- Certified Data Privacy Security Engineer (CDPSE)
- CRISC (Certified in Risk & Information Systems Control)
- CISSP or CISM
- CMMC Professional/Assessor (desired)