Cybersecurity Governance Specialist

Summary

Join ARC Group as a Cybersecurity Governance Specialist in a fully remote position! This contract role, extending through August 2025 with potential for extension or conversion to full-time employment, offers significant career growth within a well-respected organization. You will develop and maintain information security policies, processes, and standards, collaborating with various IT departments. The role involves audit assessments, defining security configurations, and providing consultative guidance on information security strategies. This opportunity is open to candidates with permanent US work authorization.

Requirements

• Expertise in implementing, documenting, and maintaining baseline configuration frameworks for a range of IT systems, including operating systems, applications, and network devices, with a focus on industry-recognized standards such as CIS (Center for Internet Security) and DISA STIGs (Defense Information Systems Agency Security Technical Implementation Guides)
• Foundational knowledge of information risk concepts and principles and impact
• Foundational knowledge of NIST, HITRUST, ARS, or other security controls framework and the ability to assess the effectiveness of controls
• Proven leadership abilities including effective knowledge sharing, conflict resolution, facilitation of open discussions, fairness and displaying appropriate levels of assertiveness
• Knowledge of audit and assessment activities and processes
• Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously
• Ability to interpret and communicate highly complex technical information clearly and articulately for all levels and audiences
• Currently have PERMANENT US work authorization
• 4+ years related work experience - IT Security Technical Writing, Process Analysis, SharePoint Administration, IT Audit, Controls Auditor, or Infrastructure Controls
• High school diploma or GED
• Security+ certification required before resource begins assignment

Responsibilities

• Develop and maintain detailed information security policies, processes, configuration baselines, and standards
• Interact closely with personnel from various IT departments including the application development, operations, network, and privacy teams
• Assist with annual and ongoing audit assessments
• Define processes and standards to ensure that security configurations are maintained, and other applicable security requirements are in place
• Provide consultative guidance on the development of information security strategies, procedures, policies, baselines, and programs

Preferred Qualifications

• CISSP - Cert Information Systems Security Professional
• 4 or more years' experience directly related to HIPAA, HITRUST, and/or Center for Medicaid and Medicare Services (CMS) Acceptable Risk Safeguards (ARS) controls

Benefits

100% remote working eastern time zone business hours