×
Register Here to Apply for Jobs or Post Jobs. X

IT Security Specialist – Compliance and Governance

Job in San Jose, Santa Clara County, California, 95199, USA
Listing for: GOEBEL FIXTURE COMPANY
Full Time position
Listed on 2026-07-17
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 110000 - 170000 USD Yearly USD 110000.00 170000.00 YEAR
Job Description & How to Apply Below
Position: IT Security Specialist I – Compliance and Governance

The IT Security Specialist I – Compliance and Governance is responsible for providing senior-level leadership for cybersecurity governance, risk management, compliance, and audit readiness activities in a remote environment. This role oversees the implementation, assessment, and continuous monitoring of security controls to ensure compliance with federal regulations and frameworks, including NIST, FISMA, RMF, FISCAM, and ISO 27001.

Success in this role is demonstrated by maintaining audit readiness, strengthening organizational compliance, effectively managing cybersecurity risk, and driving continuous improvement across security governance and compliance programs.

What You Will Do in This Role

The IT Security Specialist I – Compliance and Governance leads cybersecurity compliance, governance, risk management, and audit readiness efforts by overseeing security controls, assessments, documentation, and regulatory compliance activities to support and maintain a strong federal cybersecurity posture.

  • Provide direct support to cybersecurity, compliance, governance, and information assurance personnel while leading compliance and governance activities supporting FISMA, NIST SP 800-53, A-123, FISCAM, RMF, ISO 27001, and agency‑specific cybersecurity requirements.
  • Oversee the implementation, documentation, assessment, and continuous monitoring of security controls across assigned systems and environments, including governance activities within governance, risk, and compliance (GRC) platforms.
  • Coordinate and support internal and external audits, assessments, inspections, and reviews conducted by OIG, GAO, independent assessors, and agency stakeholders; develop and maintain audit‑ready documentation, compliance artifacts, and governance records.
  • Review, validate, and approve Plans of Action and Milestones (POA&Ms); monitor remediation efforts through closure; and coordinate penetration testing, vulnerability reviews, security control assessments, and compliance evaluations to identify and address security gaps.
  • Support risk management activities, including risk identification, analysis, mitigation planning, executive reporting, and the preparation of monthly compliance, risk, and security posture reports for federal leadership and program stakeholders.
  • Develop and maintain security governance documentation, including policies, procedures, standards, control narratives, system security documentation, transition plans, continuity documentation, and operational handoff artifacts.
  • Provide expert guidance to technical, operational, and program management teams and collaborate with cybersecurity, infrastructure, application, cloud, and business stakeholders to ensure security requirements are effectively implemented and maintained.
  • Evaluate changes to federal cybersecurity regulations, NIST publications, OMB guidance, and industry standards, and support continuous process improvement initiatives that strengthen compliance, audit readiness, and risk management capabilities.
What You Will Bring
  • Bachelor's degree in Cybersecurity, Information Technology, Information Assurance, Engineering, Business, or a related field (or equivalent combination of education and experience).
  • 8+ years of progressive experience supporting cybersecurity governance, compliance, risk management, information assurance, or audit readiness programs.
  • Minimum of 5 years serving in a senior Information Assurance (IA), Governance, Risk, and Compliance (GRC), or cybersecurity management role.
  • Demonstrated experience supporting federal civilian or cabinet‑level agency cybersecurity programs.
  • Hands‑on experience utilizing CSAM or similar Governance, Risk, and Compliance (GRC) platforms.
  • Extensive knowledge of NIST SP 800-53, FISMA, A-123, FISCAM, RMF, and related federal cybersecurity frameworks.
  • Working knowledge of ISO 27001 principles and Information Security Management Systems (ISMS).
  • Experience developing, reviewing, and assessing security controls, compliance documentation, and audit artifacts.
  • Experience managing POA&M processes, vulnerability remediation activities, and risk mitigation efforts.
  • Strong analytical, organizational, communication, and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary