Cyber Security Controls Assessor
6 Months
Oakland, CA 94612 (Hybrid: 1-2 days onsite per week)
 
Role Overview:

• The IT Compliance Project Specialist acts as a compliance and governance partner across the IT project portfolio. This role ensures that IT initiatives are planned, designed, and delivered in compliance with applicable regulations, company policies, and compliance standards.
• Working closely with the Compliance Lead, the Specialist provides analysis, documentation, and due diligence to support risk-based decision-making and to maintain compliance throughout the full project lifecycle.

Key Responsibilities
Project Advisory & Engagement

• Serve as a dedicated compliance advisor to project managers and delivery teams.
• Identify regulatory, policy, and control requirements early in the project lifecycle and ensure they are embedded into technical designs and project plans.

Gate Review & Approval Support

• Participate in project phase-gate reviews to assess compliance readiness.
• Review project artifacts and provide formal recommendations to the Compliance Lead to support approval, conditional approval, or remediation decisions.

Compliance Lead Support

• Function as the primary support resource for the Compliance Lead.
• Assist with executive reporting, remediation tracking, and escalation of project-level compliance risks.

Regulatory & Framework Alignment

• Ensure project alignment with applicable regulations and frameworks, including SOX, CCPA, ISO 55001, and internal company standards.
• Map project controls and artifacts to regulatory requirements to support a consistent and defensible compliance posture.

Experience

• 5+ years of experience in IT Compliance, IT Audit, or Governance, Risk & Compliance (GRC), preferably supporting large-scale IT projects.

Tools & Systems

• Experience using Planisware for project tracking, portfolio governance, and milestone management.

Education:

• Bachelor’s degree in information technology, Cybersecurity, Business, or a related discipline.

Certifications (Preferred)

• CISA (Certified Information Systems Auditor)
• CRISC (Certified in Risk and Information Systems Control)
• CISSP (Certified Information Systems Security Professional)
• PMP (Project Management Professional)

Delivery Methodologies

• Strong understanding of the Software Development Life Cycle (SDLC).
• Experience applying compliance controls in both Agile and Waterfall delivery models.

Professional Skills & Attributes

• Regulatory Expertise: Ability to interpret complex regulatory and control requirements and translate them into clear, actionable guidance for technical and project teams.
• Analytical Rigor: Strong attention to detail, particularly in validating technical evidence and identifying compliance gaps or control weaknesses.
• Consultative Mindset: Ability to function as a trusted advisor while maintaining independence and objectivity when providing recommendations to leadership.
• Communication Skills: Strong written and verbal communication skills, with the ability to bridge technical delivery requirements and compliance expectations.
• GRC & Project Tool Proficiency: Experience with GRC platforms (e.g., ServiceNow, Archer) and project management tools (e.g., Jira), in addition to Planisware, to maintain visibility across projects and compliance activities.

 
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 50.00/hr.