Lead Cybersecurity Engineer - Compliance Oshkosh, WI

Direct Hire

Length of assignment: Direct Hire

Salary Range: $K - $K depending on experience.

Hybrid days a week onsite at corp. Oshkosh, WI

However, we are also open to candidates based out of the following office locations:

McConnellsburg, PA

Hagerstown, MD

Orlando, FL

Reason for Request: Backfill-internal change.

Travel details: If candidate is not local to corp. (Oshkosh, WI) office, they will need to travel times a year to corp.

Top required skills and preferred skills:

. Strong tech background-must be able to translate cybersecurity regulations and requirements into technical controls to advise the engineering team.

. Participated or led cybersecurity compliance assessments: CMMC or ISO certification

. Documented and demonstrated experience with defense regulatory compliance like CMMC, NIST, and DFARS.

Interview Process:

st interview will be via Teams video.

nd and final interview will be onsite.

JOB SUMMARY:

Client designs and builds mission-critical vehicles and technology for defense, municipal and commercial customers worldwide. Protecting the confidentiality, integrity and availability of our information assets is foundational to that mission. You will be part of our cybersecurity-compliance program—guiding teams to through CMMC, UK Cyber Essentials, PCI DSS and other regulatory certifications—and serve as the expert who turns requirements into pragmatic, risk-based controls.

WORK LOCATION

This position follows Corporation’s hybrid work model, with three days in-office and two days remote each week.

The preferred location for this role is at our Global Headquarters in Oshkosh, WI, with relocation assistance available for candidates who are not local.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

These duties are not meant to be all-inclusive, and other duties may be assigned.

Participate in or lead Cybersecurity compliance efforts across the organization, including preparation for, scheduling, and leading assessments ( CMMC).

Translate Cybersecurity control requirements into system level configurations and interpret system security capabilities for compliance requirements.

Prepare reports detailing policy, standard, process, and control gaps related to compliance requirements and provide remediation recommendations.

Work with management as the subject matter expert to develop program budgets and associated projects. Coordinate with IT and business regional leads to develop or modify compliance plans and strategies for different cultures, nationalities, and languages.

Experience leading or conducting IT audits including the ability to distill technical data down to stakeholder understanding in non-technical means. Keep informed on the latest research, trends, and developments in all regulatory compliance areas.

Serve as a trusted advisor to business functional areas (, Finance, HR, Engineering) and/or internal IT resources (such as infrastructure, apps, IT services.).

Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Maintain expert awareness of all aspects of information security and compliance, including PCI, and SOC requirements for information systems and industry best practices, such as, NIST -, -, .

Contribute to the development and maintenance of the Cybersecurity strategy.

MINIMUM QUALIFICATIONS:

Bachelor’s degree in Cybersecurity, Information Systems, Communications, Computer Science or equivalent.

Six () or more years of experience in cybersecurity including direct involvement with regulatory or framework compliance (CMMC, NIST -, PCI, ISO , SOC, FAR, DFARS, etc.)

PREFERRED QUALIFICATIONS:

Graduate degree in Cybersecurity, Information Systems, Management or equivalent.

Relevant industry recognized certifications (CISSP, CEH, GIAC, Security+, SSAP, etc.)

In-depth Knowledge and experience with regulatory compliance models (NIST, HIPAA, PCI, ISO, etc.).

Hands-on design or operations background in at least one DT domain (infrastructure, cloud, or application development).

Demonstrated knowledge of security controls for network, applications, and operating systems.

Demonstrated conceptual, analytical, and innovative problem-solving and evaluative skills.

Experience communicating conceptual and technical information both verbally (on phone, one-on-one, to groups) and in writing (emails, letters, reports, presentations) to various audiences (work group, team, company management, external clients).

Experience with projects or issues of high complexity that require in-depth knowledge across multiple technical areas and lines of business.

Experience conducting or leading IT audits.

Hold an active or can obtain a Government Secret level or above clearance.

Experience drafting information security policies, procedures, and standards.

Experience testing effectiveness and adherence of cybersecurity controls.

Translate complex contractual and regulatory requirements into actionable information system configurations.

Experience collaborating in cross-functional work environments.

BASIC COMPETENCIES:

Internal Contacts: Contact with employees or others primarily at a routine level involving basic information exchange; Contact with peers and others involving explanation of information (these contacts may be within or outside department or division), and the gathering of factual information; may include the communication of sensitive or confidential information; Contact across departments or divisions with employees involving persuasion of others, absent formal authority, to conform to a policy interpretation or recommend course of action.

External Contacts: External contact involving a requirement to maintain a continuing external working relationship with individuals, or organizations.

Communication Skills: Read, write, and comprehend simple instructions, short correspondence and memos; Read and interpret safety rules, operating/maintenance instructions and procedure manuals; Write routine reports, correspondence and speak effectively before both internal and external groups; Read, analyze and interpret business manuals, technical procedures and/or government regulations.

Decision-Making: Regularly makes decisions of responsibility, involving evaluation or information. Decisions may require development or application of alternatives or precedents.

Complexity, Judgment and Problem Solving: Typically difficult or complex work. Generally governed by broad instructions and objectives usually involving frequently changing conditions and problems.

Supervisory/Managerial: General instructing, scheduling, and reviewing the work of others performing the same or directly related work. Acts as “lead worker”. Job functional supervision only.

WORKING CONDITIONS:

Physical Demands: Frequent Sitting, Hearing, Talking, Visual, Typing, Manual Dexterity. Seldom Standing, Walking/Running, Reaching, Driving, Bending/Kneeling, Fine Dexterity, Upper Extremity Repetitive Motion, Lifting/Carrying lbs., Pushing/Pulling lbs.

Non-Physical Demands: Frequent Analysis/Reasoning, Communication/Interpretation, Math/Mental Computation, Reading, Sustained Mental Activity ( auditing, problem solving, grant writing, composing reports), Writing.

Environmental Demands: Occasional Work Alone. Seldom Frequent Task Changes, Tedious/Exacting Work.

Work Schedule: Routine shift hours. Infrequent overtime, weekend, or shift rotation.

Demands/Deadlines: Occasional stress due to deadlines or workload because of intermittent or cyclical work pressures, or occasional exposure to distressed individuals within the immediate work environment.