Job Description

Job Title: Security Compliance Officer

Client & ID: Stanford-1418386

Location: Redwood City, Ca (Hybrid or Remote)

Duration: 3 years (poss. ext)

Pay Rate: $80 to $85/hr.w2(flexible)

Job Responsibilities

• In this role, you will lead the overall NIST readiness effort to support the research community, with a particular focus on compliance with NIH requirements, Cybersecurity Maturity Model Certification (CMMC), and NIST SP 800-171 standards. Your leadership will be crucial in enhancing the universityʼs ability to meet these regulatory frameworks and ensure robust information security practices.
• Your primary responsibilities will include executing a comprehensive strategy to prepare the university for an increasing number of security audits and evolving regulatory requirements, emphasizing compliance with CMMC, NIH, and NIST SP 800-171. You will take the lead in developing frameworks that not only meet current cybersecurity standards but also anticipate emerging challenges in the landscape of research-related security. You will closely collaborate with Stanford Research Computing and local Stanford IT groups to implement and refine security controls that align with regulatory

Typical Activities

• Lead the development and execution of a comprehensive strategy of NIST readiness to prepare the university for security audits and regulatory requirements, with a specific emphasis on compliance with NIH, Cybersecurity Maturity Model Certification (CMMC) and NIST SP 800-171 standards.
• Develop a risk assessment framework and create a process to conduct comprehensive risk assessments, identifying potential security threats and implementing effective mitigation strategies to minimize risks to the organizationʼs assets and data.
• Collaborate with the third-party for the development of System Security Plans (SSPs) that outline the security controls in place for the university's information systems and ensure they align with regulatory requirements.
• Ensure that the actions pertaining to cybersecurity listed in the Plan of Actions and Milestones (POA&M) are executed effectively to meet compliance with industry regulations, best practices, and the university's risk management framework, including NIH, NIST, ISO 27001, HIPAA, and PCI DSS.
• Develop, maintain, and enforce information security policies, procedures, and standards in line with industry regulations, best practices, and the organization's risk management program.
• Ensure compliance with security policies, regulations, and standards, such as NIST, ISO 27001, HIPAA, and PCI DSS, and provide regular updates to stakeholders on changes in requirements.

Requirements:

Minimum Education & Experience

Youʼre a well-rounded, critical thinker with a bachelorʼs degree (or equivalent experience).

A minimum of seven years of experience in information security, risk management, or compliance.

Qualification

Proven experience in information security, risk management, and compliance with a focus on establishing robust security framework

In-depth understanding of industry standards and regulations, particularly NIST & HIPAA.

Strong analytical and critical thinking skills, with a demonstrated ability to identify, assess, and mitigate complex security risks effectively.

● Significant experience in leading security audits, risk assessments, and vulnerability assessments to ensure compliance and enhance security measures.

● Comprehensive knowledge of security technologies, including encryption methods, firewalls, intrusion detection systems, and Security Information and Event Management (SIEM) solutions.

● Multiple years of experience in a leadership role within a cybersecurity, information security, or compliance-related team, demonstrating the ability to guide and mentor junior staff while driving compliance initiatives.

Exceptional capability to convey complex technical concepts in accessible language to diverse audiences, ensuring effective communication with stakeholders at all levels of technical expertise.

● Strong commitment to professional development and staying current with the latest security threats, technologies, and evolving industry regulations to inform compliance strategies.

About Stanford

Stanford is one of the worldʼs leading universities, supported by diverse staff who share a passion for the Universityʼs teaching, learning, research, and clinical care mission. At Stanford, youʼll find a pervasive culture of excellence, innovation, collaboration, and life-long learning. We work for the greater good. We don't have stock options; thereʼs no profit sharing (because weʼre a non-profit).

Stanford will match-and-double your retirement contributions, help with your dependent's tuition, and provide several healthcare options that include zero deductible plan. Because Stanford is a 501(c)(3) non-profit, you might qualify for the Public Service Loan Forgiveness program with the Dept of Education. Explore some of the many perks enjoyed by our employees at and —

Job Tags

Similar Jobs