Job Description SummaryThe Sr Regulatory Compliance Analyst, will be responsible for regulatory IT compliance tasks for new and existing non-commercial (e.g., GE Enterprise) products and processes for the Digital business organization.This role is fully remote/home based but will require quarterly t
JSfirm
Sr Regulatory Compliance Analyst
Job Description:
Job Description SummaryThe Sr Regulatory Compliance Analyst, will be responsible for regulatory IT compliance tasks for new and existing non-commercial (e.g., GE Enterprise) products and processes for the Digital business organization.

This role is fully remote/home based but will require quarterly travel to our GE office/s and occasionally to relevant conferences and events.

*Please note* SC Clearance is required for this role. Due to the nature of this position, we cannot accept applications from people who cannot obtain SC clearance.

Job Description

In this role, you would:

• Perform compliance assessments and data security governance reviews for internal and

external service providers/product owners utilising established IT risk assessment frameworks and assessment programs

• Assist with the Implementation of industry compliance frameworks and/or compliance regulations (HMG/UK MOD Requirements, ISO27001/2 Standards, UK/EU DPA/GDPR Personal Data Protection

Requirements)

• Assist in the maintenance UK Cyber Essentials Scheme certification / UK DCPP Cyber Security

Model (CSM) and US NIST CMMC compliance

Assist in submission of Supplier Assurance Questionnaires (SAQs) and conduct Risk Assessments (RAs) as part of CSM and similar Supply Chain assurance processes

Assist in the submission of  DART/SbD Accreditation/Assurance and Risk Balance Case Submissions in coordination with Infrastructure/Application Owners and UK MOD CyDR CySAAS

Conduct Firewall/Security Compliance Reviews and contribute to Architectural Reviews

Support Legal, Contract, Bid Teams and Functional Compliance Owners with contract reviews and customer/supplier negotiations – cybersecurity and information assurance compliance aspects

• Assist in coordination/response to MODCERT alerts/directives and submission of WARP Incident Reports

• Provide practical recommendations to infrastructure/application/product owners to remediate control gaps based on risks

• Work in close daily partnership with UK, US and International Digital Technology and Cyber

teams across entire technology stack

• Work proactively as part of a cross-functional team engaging with, taking advice from and providing advice to: contracts, product, engineering, security, sourcing, legal, and compliance

Interpret regulatory and contractual requirements, stay current and utilise industry standards and best practices to drive improvements in overall security posture of infrastructure,

applications and services

• Manage the documentation and response to regulatory compliance risk exceptions and

acceptances to ensure the appropriate level of business oversight

Support the UK Cybersecurity Officer

Education Qualification

Bachelors Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and

Math) or Vocational Equivalent, with advanced experience

Desired Characteristics

Experience in designing, enhancing and implementing processes (lean experience a plus)

CISSP/CISM/CISA certification – ISO27001 Lead Implementer/Auditor, MCIIS, ITPC, CCP or ex- CLAS a plus

Experience in identification and remediation of security threats and risks

Experience auditing technologies (e.g. Oracle ERP, Oracle Database, MS SQL, Windows, Unix, Linux, Cloud, etc)

• Familiar with HMG/MOD Information Assurance Standards and Requirements (e.g. HMG

SPF/GovS-007, NCSC & CPNI Guidance, UK MOD JSP 440, JSP 604, DEFCON 658, DEFSTAN 05-

138, etc) - familiarity with International Standards and Requirements (e.g. US NIST SP 800-53, SP800-171/2, CMMC, FAR/DFARS, NATO, OCCAR, AU DSD, etc) a plus

• Familiar with enterprise infrastructure designs and concepts including Authentication,

Logging, Interconnectivity, Internet and Application Proxy, Cloud Computing, Data Centre Hosting, Application Code Security, Virtual Computing, Database Administration, Data Storage, Data Backup, Encryption, Middleware, Firewall Policy, Operational Technology, Network Segmentation, Mainframe, etc. experience of NCSC architectural patterns and security principles a plus

Strong functional team player with experience working seamlessly across a heavily matrixed

structure

Excellent interpersonal, written/verbal communication and leadership skills with the ability to quickly build credibility, influence and make recommendations to all levels

Flexible Working

This role is fully remote/home based but will require quarterly travel to our GE office/s and occasionally to relevant conferences and events.

Total Reward

At GE Aviation we understand the importance of Total Reward.  Our flexible benefits plan, called FlexChoice, gives you freedom, choice and flexibility in the way you receive your benefits, as well as giving you the opportunity to make savings where possible.

As a new joiner to GE we are pleased to be able to offer you the following as default in your benefit fund, which you then can tailor to meet your individual needs;

•   Non-contributory Pension

•   Life Assurance

•   Group income protection

•   Private medical cover

•   Holiday Hourly equivalent of 26 days, with flexible option to buy or sell

Right to Work

Applications from job seekers who require sponsorship to work in the UK are welcome and will be considered alongside all other applications. However, under the applicable UK immigration rules as may be in place from time to time, it may be that candidates who do not currently have the right to work in the UK may not be appointed to a post if a suitably qualified, experienced and skilled candidate who does not require sponsorship is available to take up the post. For further information please visit the UK Visas and Immigration website.

UK Security Clearance

UK Security Clearance (SC) is required and must be maintained for this role. Candidates who do not meet the minimum requirements for UK Security Clearance are not eligible for this role on grounds of national security. If UK Security Clearance is not obtained, any offer of employment may be withdrawn on grounds of national security.

Additional Information

Relocation Assistance Provided: No

Company Details
GE Aerospace
18000 Phantom W
Victorville, California 92394 USA
www.geaerospace.com/
660 Open Jobs Available
GE Aerospace is a world-leading provider of jet and turboprop engines, components and integrated systems for commercial, military, business and general aviation aircraft. At GE Aerospace, we believe the world works better when it flies.
(Job and company information not to be copied, shared, scraped, or otherwise disseminated/distributed without explicit consent of JSfirm, LLC)
Job Info
Location
Cheltenham, England, United Kingdom
Type
Permanent
Company Details
GE Aerospace
18000 Phantom W
Victorville, California 92394 USA
www.geaerospace.com/
660 Open Jobs Available
GE Aerospace is a world-leading provider of jet and turboprop engines, components and integrated systems for commercial, military, business and general aviation aircraft. At GE Aerospace, we believe the world works better when it flies.

JSfirm, LLC

Roanoke, TX

jobs@jsfirm.com

JSfirm LLC, Privacy Policy

All rights reserved. 2001-2024 JSfirm