IT Compliance Manager

MULTIPLE LOCATIONS WITHIN NEEL-SCHAFFER'S 9-STATE FOOTPRINT

Neel-Schaffer is much more than just a place to work. It is a promise of a living, dynamic environment where people collaborate, innovate, build enduring relationships, excel, and grow professionally in a strong culture of ownership.

Do you have the desire to learn? The drive to excel and thrive in an engaged, client-focused environment? If so, Neel-Schaffer might have just the right opportunity for you.

Neel-Schaffer is seeking applications from qualified candidates for an experienced IT Compliance Manager to join our growing engineering firm. This position can be based in one of our offices within our nine-state company footprint. The successful candidate must have relevant and hands‑on work experience overseeing and ensuring an organization’s adherence to IT security and compliance standards with a focus on governments and industry regulations relevant to the AEC sector.

The IT Compliance Manager will develop, implement and monitor compliance programs to mitigate risks and support secure operations. This role may require travel up to 50% of time.

• Develops and maintains IT compliance policies, procedures, and controls aligned with NIST 800‑171, CMMC, ISO
  27001, and other relevant standards.
• Conducts regular risk assessments, internal audits, and compliance reviews to identify vulnerabilities and ensure adherence to regulatory requirements and company standards.
• Collaborates with IT, engineering, legal, business stakeholders and project teams to integrate compliance measures into daily operations including data protection for sensitive project information and client deliverables.
• Manages compliance certification processes, including preparation for CMMC assessments and ISO 27001 audits.
• Monitors emerging regulations and industry trends in the AEC sector, providing guidance on updates to compliance strategies.
• Trains, educates, and partners across the organization on compliance best practices, security awareness, and incident response protocols.
• Coordinates with external auditors, vendors, and regulatory bodies to facilitate compliance validations and reporting.
• Investigates and responds to compliance incidents, implementing corrective actions as needed.
• Maintains documentation for compliance evidence, including policies, training records, and audit trails.

The successful candidate should have a strong work ethic and a passion for safeguarding critical infrastructure through robust IT compliance.

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field.
• Minimum 5 years of experience in IT compliance, security, or a related role preferably in a regulated environment.
• Proven experience in the AEC industry with a strong understanding of civil engineering project technical needs such as secure data sharing, BIM (Building Information Modeling) systems, and cloud‑based collaboration tools.
• Demonstrated expertise in NIST 800‑171, CMMC, and ISO 27001 frameworks, including implementation and auditing.
• Relevant certifications such as:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• or similar security and compliance credentials.
• Familiarity with tools and technologies for compliance management, such as GRC (Governance, Risk, and Compliance) platforms.
• Strong analytical, problem solving, and communication skills.

Equal Opportunity Employer