Cybersecurity & Compliance Officer

Sierra Pacific Industries

Location:
United States, Redding

Contract Type:
Employment contract

Salary:

100000.00 - 160000.00 USD / Year

Job Responsibility:

  • Lead efforts to identify, develop, recommend, and implement best practices to continuously improve the Company’s cybersecurity program
  • Establish credibility as the knowledge expert to provide strategic direction and align cybersecurity initiatives with Company goals and priorities
  • Conduct ongoing cybersecurity risk assessments to identify gaps and implement appropriate improvements
  • Work collaboratively with leadership teams and develop effective partnerships within/outside the Company to integrate security and data protection into daily operations and strategic initiatives
  • Diligently monitor, investigate, and respond to cybersecurity threats
  • Oversee third-party and vendor cybersecurity risk management
  • Ensure compliance with applicable regulatory, legal, and contractual requirements
  • Advocate for a strong, security-aware culture through effective leadership, communication, and education

Requirements:

  • Bachelor’s Degree in Cybersecurity, Information Technology, Management Information Systems, or significantly related field
  • 5+ years of experience in cybersecurity, information security, or IT risk management
  • Strong working knowledge of enterprise security controls and policies, networking, and infrastructure in a Microsoft cloud environment (e.g., Defender, Purview, Intune, Entra ID)
  • Experience developing and enforcing security policies and standards
  • Demonstrated analytical reasoning and problem-solving skills under demanding circumstances
  • Strong written and verbal communication skills, including the ability to explain security risks to non-technical audiences to effectively promote cybersecurity and compliance initiatives

Nice to have:

  • Hands-on experience with incident response, security investigations, and remediation
  • Experience in manufacturing, industrial, or multi-site enterprise environments
  • Working knowledge of MDR platforms, remote access solutions, MDM/MAM policies, and PowerShell scripting
  • Familiarity with regulatory frameworks and security standards (e.g., HIPAA, NERC, CCPA, NIST, CIS, ISO 27001)
  • Relevant certifications such as CISSP, CISM, or similar
What we offer:
  • Excellent low-cost health benefits
  • Retirement plan with employer-paid contributions
  • Paid vacation and 10 holidays
  • Full Health Benefits Plan (including medical, dental, and vision) with low-cost premiums
  • 401(k) with Company Match
  • Additional Retirement Contributions
  • Company-paid Life Insurance

Additional Information:

Job Posted:
April 27, 2026

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for Cybersecurity & Compliance Officer

Junior Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
AnaVation
Location:
United States, Washington, DC
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • In lieu of a degree, a minimum of two (2) years of hands-on relevant experience is required
  • Minimum two (2) years of hands-on experience in Governance Risk and Compliance and the RMF process
  • Proficient with Federal policies, program standards, and NIST Special Publications guidelines, including but not limited to NIST SP 800-53, 800-37, 800-137
  • Experience supporting system security documentation, control assessments, and ATO or ATT packages for low to moderate-impact systems
  • Proficient in using various security tools, such as but not limited to JCAM (or an equivalent GRC tool), Tenable, BigFix, and Splunk (or SIEM), and/or equivalents
  • Familiarity with tools such as JCAM and common security documentation templates
  • Exposure to POA&M tracking, audit support, and vulnerability scanning processes
  • Ability to draft and maintain basic cybersecurity documentation (e.g., SSP, CMP, IRP)
  • Detail-oriented with solid organizational and documentation skills
Job Responsibility:
  • Support the development and maintenance of ATO/ATT documentation for low to moderate-impact systems
  • Assist with system security assessments and control evaluations under the Risk Management Framework (RMF)
  • Maintain security artifacts and documentation in JCAM
  • Conduct biweekly reviews of system logs and vulnerability scan results
  • Track and manage POA&Ms in coordination with senior ISSOs and system owners
  • Participate in continuous monitoring, training exercises, and contingency planning events
  • Ensure compliance with cybersecurity policies and NIST SP 800-53 controls
What we offer:
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
Employment Type:
Fulltime

Mid-Level Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
AnaVation
Location:
United States, Washington, DC
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of four (4) years of hands-on experience in cybersecurity
  • Knowledge of Governance Risk and Compliance with at least one (1) year maintaining an Authorization to Operate (ATO) for a moderate or high-impact federal information system
  • Strong working knowledge of Federal policies, program standards, and NIST Special Publications guidelines
  • Experience drafting, reviewing, and maintaining system security documentation
  • Proficient in using various security tools
  • Strong communication, written, and presentation skills
  • Provide support and mentorship for Tier I ISSOs
  • Familiarity with vulnerability scanning tools and interpreting results
  • Must possess at least one of the following certifications: CISSP, CISM, CGRC, CRISC, ISSMP, CISA, CCSP, CEH, CompTIA Security+, PMP
Job Responsibility:
  • Support the maintenance of security documentation and support system ATO and ATT efforts
  • Conduct security control assessments and provide recommendations for remediation
  • Perform biweekly audit log and vulnerability scan reviews and track POA&M items
  • Collaborate with system owners and technical teams to manage risk and respond to incidents
  • Support Ongoing Authorization (OA) and continuous monitoring activities
  • Prepare and brief senior leadership on system security posture and compliance metrics
  • Ensure alignment with DOJ cybersecurity policies and NIST SP 800-53, 800-37, and 800-137
What we offer:
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
Employment Type:
Fulltime

Business Information Security Officer

A senior individual contributor role serving as the cybersecurity liaison for HP...
Hewlett Packard Enterprise
Location:
Ireland, Leixlip
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • 12+ years of experience in cybersecurity, risk management, or related fields, with significant exposure to financial services regulatory environments
  • proven ability to partner with business executives and influence decision-making through clear articulation of cyber risk in business and regulatory terms
  • deep knowledge of cybersecurity frameworks and controls relevant to financial institutions (NIST, ISO 27001, DORA, SOX, GDPR, etc.)
  • experience engaging with financial regulators, auditors, and external examiners on cybersecurity compliance
  • strong understanding of incident response processes, with the ability to coordinate remediation and communication at the business unit level
  • exceptional communication, stakeholder management, and executive presence
  • bachelor’s degree required
  • advanced degree and/or certifications (e.g., CISM, CISSP, CRISC) preferred.
Job Responsibility:
  • act as the primary cybersecurity liaison for HPEFS, partnering with executives to translate cyber risk into business and regulatory impact and enable informed leadership decisions
  • inform the HPEFS leadership about the emerging cyber threat landscape to be proactive in protecting the business
  • drive cybersecurity strategies tailored to the regulatory environment for financial services, including but not limited to Central Bank of Ireland requirements, Digital Operational Resilience Act (DORA), SOX, GDPR (cyber-related obligations)
  • lead cyber risk assessments for products, services, and bank operations, ensuring controls meet both enterprise and banking regulatory expectations
  • serve as the on-point liaison during security incidents impacting HPEFS, coordinating with CDRM’s centralized incident response team and driving business-side remediation and communication
  • oversee vulnerability management for HPEFS assets, ensuring issues are tracked, prioritized, and remediated in alignment with regulatory timelines and enterprise standards
  • partner with the HPEFS IT leader to align on security priorities, infrastructure controls, and technology programs impacting financial services operations
  • support closure of audit, regulatory, and compliance findings through coordination of corrective action plans and, where appropriate, risk acceptance processes
  • monitor evolving regulatory requirements and industry trends, advising leadership on compliance gaps, risk exposure, and readiness for regulatory examinations
  • influence enterprise cybersecurity priorities by advocating for HPEFS needs within the broader CDRM strategy
What we offer:
  • health and wellbeing benefits
  • personal and professional development programs
  • unconditional inclusion in the workplace.
Employment Type:
Fulltime

Risk Register Officer

The IT Risk Register Officer main mission is to promote the management of IT ris...
Inetum
Location:
Portugal, Porto
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Risk monitoring (knowledge in risk management: ability to identify, alert and suggest remediation)
  • Risk analysis (ability to anticipate/analyze threats and create risk scenario) and Risk opinion (ability to challenge, approve and decide (new activities, projects…))
  • Internal audit knowledge (knowledge of the audit process and methodology)
  • IT knowledge (global knowledge of IT, its major processes and assets & solutions) and Cybersecurity (general knowledge in cybersecurity risks, frameworks and requirements)
  • Regulatory (general knowledge in IT and cybersecurity regulators framework) and Compliance (global knowledge of compliance, its major processes or regulatory framework)
  • English
Job Responsibility:
  • Management of the Risk Register: Regularly update IT risk criteria over time (risk category, owner, impact…)
  • Initiate & support the annual review of all IT risks in the Risk Register
  • Support risk assessment: Organize with relevant stakeholders the assessment/analysis about identified IT risks (e.g.: impact, mitigation…)
  • Organize the validation of IT risks assessment
  • Organize the compliance with the company's Risk Management process
  • Collect new risk cards and challenge them with relevant stakeholders (e.g.: mitigation suggested)
  • Reporting: Gather feedback from risk owners regarding formalization of risk cards & ongoing mitigation measures
  • Follow the KPIs defined in risk cards (mitigation, impact…)
  • Report on risks and risk mitigation to top management, raising alerts if needed
  • Participate in the Business Line Risk committee to share inputs about risks (risks stored in Risk Register, level of risks, impact…)
Employment Type:
Fulltime

Account Security Officer

HPE Operations is our innovative IT services organization. It provides the exper...
Hewlett Packard Enterprise
Location:
India, Bangalore
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Experience in security policy, process, guidelines & procedures development and in doing security assessments based on industry standards such as ISO27001 and/or NIST
  • Ability to communicate with internal and external senior management confidently and professionally, and to break down complex concepts and issues into easily consumable written and verbal communications
  • High level of autonomy under general direction, and ability to independently complete, as well as lead team in the delivery of complex projects with multiple deliverables and technologies
  • Can demonstrate innovation and thought leadership through problem solving, new ideas, experience, or forward-thinking concepts
  • Strong interpersonal and written communication skills
  • Ability and willingness to travel, including across countries
  • Ease in communicating at all levels, including management-level presentations and summaries
  • Understanding of Cyber and IT security risks, threats and prevention measures
  • Experience in writing technical reports that analyze and interpret results
  • Understanding of security standards and best practices
Job Responsibility:
  • Works closely with Managed Services teams to provide HPE’s customer with security governance reports and continuous feedback
  • Strategically aligned with HPE and HPE’s customer’s security initiatives
  • Accountable for all security-related compliance and delivery for the assigned Customer
  • Drives engagement with broader HPE teams to support Customer requirements
  • Actively manages and maintains ownership of cybersecurity risk management
  • Oversees implementation of security-related projects for the assigned Customer
  • Manages new and emerging Customer security policy requirements
  • Key participant in the Change Advisory Board (CAB) for the assigned Customer
  • Owns ongoing management and implementation of Customer-specific Security Incident Response Plan
  • Owns development and ongoing management of Customer-specific Account Security Handbook
What we offer:
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
Employment Type:
Fulltime

Patch Management Officer

Ivy Partners is a Swiss consulting firm assisting companies in their strategic, ...
IVY Partners
Location:
Portugal, Porto
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Have 1/2 years of experience in IT operations, systems administration, or information security
  • Possess a strong understanding of ITIL or similar frameworks and are familiar with change management and incident escalation processes
  • Understand regulatory compliance standards such as ISO 27001, NIST, PCI-DSS, as well as basic to intermediate networking, firewalls, and endpoint security
  • Are knowledgeable about virtualization platforms and cloud infrastructure
  • Can assess the impact of missing patches and prioritize based on business risk, and are skilled in creating detailed reports and maintaining compliance records
  • Have excellent verbal and written communication skills to effectively liaise with various stakeholders
Job Responsibility:
  • Develop patch deployment schedules and maintenance windows
  • Coordinate with IT teams to plan and test patch rollouts to minimize disruptions
  • Collaborate with cybersecurity teams to align patching and vulnerability scans, addressing identified vulnerabilities to meet remediation timelines
  • Monitor patch deployment success rates and produce compliance reports
  • Manage tools and technologies for optimizing patch management effectiveness
  • Engage closely with various teams to ensure proper communication and manage risks effectively
What we offer:
  • We provide a supportive environment where everyone is valued, offering training and growth opportunities both in Switzerland and internationally
  • Creating a climate of trust | Working with us means building a relationship based on transparency, professionalism, and commitment
  • Encouraging innovation | We blend technology and creativity to lead impactful digital transformations
  • Assuming our responsibilities | The collective is at the heart of our actions, and we strive to make a positive impact
Employment Type:
Fulltime

Information Security Officer

Elevate Our Security Posture: Join Us as an Information Security Officer. Are yo...
Arrive
Location:
Poland, Łódź
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of experience in an information security role, with at least 2 years in a leadership position
  • Relevant certifications (CRISC, CISSP, CISA, CISM) are preferred
  • Strategic Mindset: Deep understanding of business goals and objectives, with the ability to align cybersecurity risk management with overall business strategy
  • Risk Management Expertise: Proven ability to identify, assess, and prioritize cybersecurity risks
  • Technical Proficiency: In-depth knowledge of cybersecurity principles, security controls, incident response, and industry frameworks
  • Communication & Collaboration: Excellent communication skills, with the ability to translate complex technical concepts for non-technical audiences
  • Leadership: Proven ability to lead and mentor a team of security professionals
  • Thrive in a Fast-Paced Environment: Experience contributing to and managing cybersecurity within a high-growth company
Job Responsibility:
  • Risk Management: Proactively identify, assess, and mitigate security risks and vulnerabilities
  • Security Awareness: Develop and deliver engaging training programs to educate employees on security best practices
  • Compliance: Ensure adherence to relevant security standards and regulations (ISO 27001, PCI DSS, GDPR)
  • Policy & Procedure Development: Lead the creation and maintenance of clear and concise security policies and procedures
  • Third-Party Risk Management: Assess and manage the security posture of third-party vendors and partners
  • Data Protection: Define requirements and contribute to implementing Data Loss Prevention (DLP) solutions
  • Security Frameworks: Contribute to the adoption and implementation of industry-leading security frameworks (NIST, CIS)
  • Business Partnership: Collaborate closely with business units to understand their security needs and align with the overall security strategy
  • GRC Program: Operate and mature our Governance, Risk, and Compliance (GRC) program
  • Leadership & Collaboration: Lead and mentor a team of security professionals, fostering a culture of collaboration and continuous improvement

VP, Information Security Officer (ISO), Markets, Taiwan

The Chief Information Security Office (CISO) is home to deeply talented colleagu...
Citi
Location:
Taiwan, Taipei
Salary:
Not provided
Expiration Date:
Until further notice
Requirements:
  • 10+ years of relevant experience in Information & Cybersecurity space or related domains such as risk management, auditing, consulting & advisory services
  • One or more IS/Cybersecurity industry standard certifications (e.g. CISA, CISSP, CISM, SANS GIAC, CEH, CRISC, CCSP, SSCP, CompTIA Security+ etc.) are mandatory
  • Strong understanding of Information security domains with hands-on experience of performing application security risk assessments covering controls such as Identity & Access Management, API Security, Cloud/SaaS Security, Cryptography, Sensitive Data protection, Audit Logging/Monitoring, Secure SDLC controls
  • Sound knowledge of Network Security controls (including Firewalls, IDS/IPS) and Application Vulnerability Assessments/Source code & component vulnerability scanning related controls
  • Good understanding of Markets Business and Applications such as trading platforms, order management systems, risk management systems, pricing engines etc. is an advantage
  • Hold relevant professional certificates recognized by local authorities
  • Sound knowledge of IS/Cybersecurity related local regulatory, and compliance requirements in the financial services industry and Securities & Futures Markets
  • Understanding of policy compliance and how it relates to risk
  • Extensive knowledge of information security risk assessment methodologies/industry standards
  • Demonstrated ability to take ownership and follow up on issues
Job Responsibility:
  • Act as a Trusted Security Advisor to business and technology teams, guiding them on IS/Cyber risks
  • Appropriately assess risks when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Citigroup, its clients and assets
  • Drive compliance with applicable Information & Cybersecurity laws, rules and regulations, adhering to relevant Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Serve as the local point of contact of all information security matters, including management, governance, compliance, and third-party risk management
  • Manage local audit and regulatory engagements impacting CISO
  • Drive country-specific control implementations or special programs, where deemed necessary based on risk assessments or local regulatory requirements
  • Work with business & technology management to drive the information security program and govern risk management activities including CSRA (Cybersecurity Risk Appetite) reporting
  • Work with the internal Applications Development function to facilitate improvements in both architectural and application security posture
  • Provide strategic risk guidance for business and technology projects, including the evaluation and recommendation of security controls and corrective actions to mitigate/remediate risks
  • Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
What we offer:
  • Extensive on-the-job training and exposure to senior leaders
  • Access to telehealth options, health advocates, confidential counseling
  • Expanded Paid Parental Leave Policy
  • Access to an array of learning and development resources
  • Generous paid time off packages
  • Resources and tools to volunteer in the communities
Employment Type:
Fulltime