IT Governance Analyst

About

Ontic is a leading global aerospace OEM trusted by the world’s aviation leaders. Ontic’s Creedmoor, NC, site is home to a number of specialist companies within the Ontic Group, including Firstmark, Twin Commander, and Metro Merlin. With over 1,300 employees across four time zones and seven sites, we have more than doubled in size since 2019 and are continuing to grow.

Location & Details

• Location: Creedmoor, North Carolina
• Time type: Full time
• Posted: 18 Days Ago
• Job requisition: R5174
• Work structure: Onsite in Creedmoor, NC

Role

• Title: IT Governance Analyst
• Reports to: IT Security & Governance Manager

Requirements

• Strong understanding of governance frameworks and their implementation
• Experience in risk management and compliance
• In-depth experience with Microsoft 365 suite of tools
• Strong understanding of cybersecurity principles, general knowledge of cybersecurity technologies, and industry‑recognised certifications
• Good understanding of ITAR rules and regulations
• Ability to make recommendations to remediate complex security threats
• General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved
• Ability to be comfortable working on multiple, complex issues and projects within defined timelines
• Demonstrated understanding of compliance regulations and Information Security control frameworks and standards (i.e., NIST, UK GDPR, FedRAMP, CMMC, ISO 27001, PCI, SOX, HIPPA)
• Knowledge of physical cabling for network communications and control system Input/Output
• Ability to introduce and explain highly technical topics to non‑technical audiences

Responsibilities

• Assist in the development and implementation of several IT and Cybersecurity frameworks across the enterprise
• Ensure compliance with all relevant security regulations and standards
• Monitor and report on adherence to governmental standards and security frameworks
• Identify risks from non‑compliance and recommend mitigation strategies to manage those risks
• Implement mitigation strategies as directed
• Work closely with stakeholders to ensure a unified approach to standard adherence
• Assist and support in any audits of the company’s adherence to various security standards; specifically ISO 27001, Cybersecurity Maturity Model Certification (CMMC), NIST SP 800‑171, NIST SP 800‑171A, NIST SP 800‑172, Sarbanes‑Oxley (SOX), and others (knowledge of EASA would also be useful)
• Influence the development of policies and procedures to ensure they contribute to the maintenance of various regulatory standards
• Liaise with the Compliance department to ensure success across company boundaries
• Stay current and up to date with frameworks including ISO 27001, CMMC, NIST, SOX, and others
• Successfully communicate identified risks to various stakeholders in a manner that they can most easily understand
• Support the daily maintenance activities and response where necessary

Benefits

• Comprehensive medical insurance
• Competitive PTO, holiday pay, and sick leave
• Company 401K plan with up to 4% matched contribution
• Annual bonus program (varies by level and discretionary based on company and individual performance)
• Flexible working arrangements
• Paid volunteering opportunities
• Access to mental health champions across our sites
• Commitment to development
• Employee referral program

Salary

• Salary Range: $105,000 – $115,000 per year, based on experience

Equal Opportunity / Compliance

• Ontic Engineering and Manufacturing Inc. is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including sexual orientation and gender identity), national origin, disability, protected Veteran status, or any other characteristic protected by applicable federal, state, or local law.
• This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, asylee, or refugee.

#LI-Onsite
#J-18808-Ljbffr