Howmet Aerospace is currently in search of a Cybersecurity Compliance Specialist to join our Global Information Services (GIS) team in Pittsburgh, PA.

　　This position has global (domestic and international) accountabilities for all location operating units as well as GIS worldwide. Primary purpose is to provide professional-level support for the company's cyber security initiatives, projects, and ongoing activities.

　　Major Activities/Key Challenges:

　　Partner with Cybersecurity Maturity Model Certification (CMMC) Senior Operations Manager in all aspects of CMMC Operations Management

　　Facilitate design, plan and manage overall assessments including logistics and documentation release during assessments including various Compliance Assessments (self, scheduled, and on-demand), CMMC (CyberAB/Certified 3rd Party Assessment Organization (C3PAO)), Defense Industrial Base Cybersecurity Assessment Center (DIBCAC), State Dept. etc. In partnership with Corporate Communications, validate Controlled Unclassified Information (CUI)/Federal Contract Information (FCI), ensuring CUI/FCI is not within externally facing communications

　　Lead the quarterly Authorization to Operate (ATO) and Assessment and Authorization (A&A) meetings

　　Proactively plan and support CMMC control changes/updates/realignments and review the controls for applicability or re-implementation

　　Track and facilitate Policy/Standard/Procedure review and update cadence

　　Store and manage limited CUI (e.g., Assessment Results, out briefs, Reclama forms/submissions, etc.)

　　Track Plan of Action and Milestones (POA&Ms) and Risk, Actions, Issues & Decisions (RAID) items

　　Perform cybersecurity and CMMC Risk Management and Risk tracking as needed

　　Maintain and update Corporate Commercial and Government Entity (CAGE) code and Supplier Performance Risk System (SPRS) reporting

　　Manage and facilitate continuous monitoring of CMMC controls (10+ controls/month)

　　Provide guidance to Business Unit Assessments in collaboration with the Sr. CMMC Operations Manager

　　Stay up to date with cyber security policies and trends, developing mappings between different compliance program requirements and National Institute of Standards and Technology (NIST) special publications Provide expertise and interpretation of requirements (NIST, Defense Federal Acquisition Regulation Supplement (DFARS), CMMC, etc.) to different Resource Units and Business Units

　　Coordinate continuous monitoring of controls and updates with different technology areas (Applications, Infrastructure, Network, Security, etc.) and functional areas (Compliance, Human Resources, Internal Audit, Legal, Physical Security, Procurement, etc.) regarding CMMC

　　Perform other duties as assigned, aligned to attain and maintain Cybersecurity Maturity Model Certification (CMMC)

　　Skills:

　　Leadership, Organizational skills, and discipline to build, manage, and maintain structured plans

　　Able to build and maintain strong, trusting collaborative relationships

　　Ability to create and think through complex technical problems and identify/resolve gaps

　　Solid decision-making skills to swiftly and objectively view and assess cyber security alternatives

　　Interpersonal skills to manage often difficult or highly technical conditions

　　Self-motivated, results driven and accountable for their actions. Capable of taking initiative to proactively problem solve and identify solutions with minimal oversight

　　Agile and flexible, able to pivot and react quickly and effectively to new and high priority needs

　　Works equally well whether independently or as part of a physical or virtual, global team

　　Ability to work with data of highest sensitivity in complete confidence

　　A team player, value working as part of a diverse workforce and inclusive work environment

　　Basic Qualifications

　　Bachelor’s degree in computer science, Information Systems or Cybersecurity from an accredited institution or an Associate’s degree with 5 years of experience in IT, with a minimum 3 years of that in cyber security disciplines

　　Minimum 2 years of experience with DFARS 7012, NIST 800-171 and other NIST publications

　　Minimum 1 year of experience with various data types such as Controlled Unclassified Information (CUI), Controlled technical Information (CTI), Federal Contract Information (FCI), International Traffic in Arms Regulations (ITAR), or Export Administration Regulation (EAR99)

　　Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of Hire. Visa sponsorship is not available for this position

　　Preferred Qualifications:

　　Demonstrated experience in and exposure to Compliance programs especially CMMC and DIBCAC

　　Experience managing security in a manufacturing environment

　　Security related Certifications such as CISSP, Security+, CISA

　　CMMC Certifications such as CMMC-RP and/or CMMC CCP

　　Experience with and/or robust understanding of POA&Ms, assessment processes, risk management, procedure analysis

　　Experience successfully implementing NIST 800-171 / CMMC / ITAR / Sarbanes–Oxley Act (SOX) security controls

　　Salary Range: $110 – 125k/year approximation (Actual compensation is subject to variation due to factors such as education, experience, skillset, and/or location).

　　About Howmet Aerospace

　　Howmet Aerospace Inc. (NYSE: HWM), headquartered in Pittsburgh, Pennsylvania, is a leading global provider of advanced engineered solutions for the aerospace and transportation industries. The Company’s sales for 2022 approximated $5.7 billion. The Company’s primary businesses focus on jet engine components, aerospace fastening systems, titanium structural parts and forged wheels. With nearly 1,150 granted and pending patents, the Company’s differentiated technologies promote more fuel efficiency for aircraft and commercial transportation. For more information, visit www.howmet.com, including content shared during the Company’s May 2022 Technology Day.

　　Follow: LinkedIn (https://www.linkedin.com/company/howmet-aerospace) , Twitter (https://twitter.com/howmetaerospace) , Instagram (https://www.instagram.com/howmetaerospace/) , Facebook (https://www.facebook.com/Howmetaerospace/) , and YouTube (https://www.youtube.com/howmetaerospace) .

　　Howmet is proud to be an Equal Employment Opportunity and Affirmative Action employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

　　We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

　　If you need assistance to complete your application due to a disability, please email [email protected]