Compliance Manager - ApTask
Irvine, CA
About the Job
About Client:
The client is an American electric vehicle (EV) manufacturer and automotive technology company, which specializes in designing and producing electric adventure vehicles, including the R1T pickup truck and R1S SUV, both known for their off-road capabilities, long range, and innovative design. The company is committed to sustainability, integrating eco-friendly practices throughout its operations and focusing on reducing its environmental footprint. It also develops electric delivery vans, notably partnering with Amazon for fleet production. With its own charging network and focus on renewable energy solutions, the client aims to revolutionize transportation with a strong emphasis on environmental stewardship.
Rate Range: $70-$100/Hr
Job Description:
- Working in an agile environment, the Senior Cybersecurity Analyst (Compliance Manager) will focus on assisting with the successful achievement of specified industry-specific certifications for the organization.
- This role will report to the Senior Director of Cybersecurity Risk Management in the Enterprise Cybersecurity organization. As a member of the team, you will contribute to compliance activities related to multiple frameworks including ISO 27001, TISAX (important), and NIST CSF. The ideal candidate brings a strong understanding of risk assessment, understanding operating effectiveness, recommending and coordinating security controls implementation activities, and contributing to enhancing the overall compliance and cybersecurity program.
- In this role, the Senior Cybersecurity Analyst (Compliance Manager) will collaborate with Enterprise Cybersecurity and cross-functional business leaders to obtain and maintain globally recognized information security certifications specific to the cybersecurity domain and automotive industry for improved security, data protection, and providing assurance to business partners as an original automotive manufacturer.
- The duration for this contractor position is up to 18 months.
- Serve as a subject matter expert for compliance initiatives with a specific focus on ISO 27001 and TISAX. Understand the practical application of NIST CSF.
- Assist in performing detailed assessments with a focus on risk information, including self-assessments and working with external auditors covering the organization’s information security system and cybersecurity program maturity.
- Provide the appropriate level of support to demonstrate rigorous external verification and compliance with appropriate information security standards within the TISAX framework.
- Assist in achieving ISO 27001 certification of its ISMS, subsequently reducing risk and optimizing operations to meet additional compliance requirements.
- Demonstrate ownership for assigned responsibilities; proactively identify, escalate, and resolve impactful risks and issues.
- Possess deep expertise regarding cybersecurity risk management and apply this proficiency to initiatives, problems, and opportunities.
- Develop, report, and track key actionable metrics, milestones, goals, and learnings for improvement.
- Utilize the team’s JIRA board and track and report activities through closure.
- Provide input into longer-term planning activities at the vertical and domain levels, working cross-functionally with diverse stakeholders.
- Execute a comprehensive compliance strategy aligned with cybersecurity objectives and industry best practices; identify gaps and ensure compliance with standards across the enterprise.
- Develop an executive-level dashboard to track and generate metrics reports related to cybersecurity compliance on a recurring basis by partnering with the appropriate teams to develop Key Risk Indicators (KRIs) to drive compliance and deliver on overall program performance.
- Provide valuable delivery insights derived from multiple sources and communicate metrics teams can use to drive continuous improvement.
- Implement data quality standards, policies, and procedures to ensure accuracy, consistency, and reliability of data assets; improve the quality of operational data and metrics.
- Clearly communicate expectations and carefully track progress to ensure standards are met systematically; follow up to keep work on track.
- Stay updated on industry trends and best practices in risk and controls and proactively recommend improvements to the Cybersecurity Risk Management Program.
- Demonstrate influence; make a compelling case for change and obtain early stakeholder buy-in.
- Seek to understand different perspectives to resolve conflict.
- 5 years in cybersecurity compliance, including hands-on experience with analytics, tracking, and reporting.
- BA/BS degree in Information Systems, or related field, or equivalent experience required.
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Systems Controls (CRISC), or Microsoft Certified Systems Administrator: Security.
- Certification in governance, risk & compliance (GRC), or artificial intelligence is a plus.
- Understanding of Information Security, Cybersecurity Operations, related technologies, and various Standards and Guidelines (NIST CSF, TISAX, ISO 27001). PCI-DSS experience is desirable.
- Strong leadership, business acumen, technical and consulting capabilities, and project/change management skills to contribute to the development of a strategic plan for the aligned discipline.
- Critical thinking and creative problem-solving skills.
- Excellent verbal and written communication skills and attention to detail.
- Able to triage multiple initiatives to address the right problems at the right time.
- Strong judgment in executing deliverables and working with stakeholders.
- Excellent interpersonal and team-building skills.
- Able to plan, communicate, and execute planning individually and with a team.
- Comfortable speaking technically and non-technically, as appropriate.
- Able to work effectively and successfully in a fast-paced environment.
- Proficiency in Google Suite, PowerBI, or other metrics and/or database/reporting/tracking tools, and project management software and tools.
- Models best-in-class project management practices.
Non-benefitted (other than those mandated under state or federal law). Please note that this position does not include paid time off benefits. ApTask offers subsidized insurance coverage to our employees.
About ApTask:
ApTask is a leading global provider of workforce solutions and talent acquisition services, dedicated to shaping the future of work. As an African American-owned and Veteran-certified company, ApTask offers a comprehensive suite of services, including staffing and recruitment solutions, managed services, IT consulting, and project management. With a focus on excellence, collaboration, and innovation, ApTask provides unparalleled opportunities for professional growth and development. As a member of the ApTask team, you will have the chance to connect businesses with top-tier professionals, optimize workforce performance, and drive success across diverse industries. Join us at ApTask and be part of our mission to empower organizations to thrive while fostering a diverse and inclusive work environment.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.
Candidate Data Collection Disclaimer:
At ApTask, we prioritize safeguarding your privacy. As part of our recruitment process, certain Personally Identifiable Information (PII) may be requested by our clients for verification and application purposes. Rest assured, we strictly adhere to confidentiality standards and comply with all relevant data protection laws. Please note that we only collect the necessary information as specified by each client and do not request sensitive details during the initial stages of recruitment.
If you have any concerns or queries about your personal information, please feel free to contact our compliance team at businessexcellence@aptask.com