Cybersecurity Controls Assessor

About The Position

Requirements

• Associate’s degree in Information Technology, Cybersecurity, Information Systems or and 7+ years of relevant IT experience, OR Bachelor’s degree in Information Technology, Cybersecurity, Information Systems and 5+ years of relevant IT experience, OR Master’s degree in Information Technology, Cybersecurity, Information Systems, and 3+ years of relevant IT experience, OR PhD and no years of experience, OR 9+ years of experience in lieu of degree

Nice To Haves

• Experience working on NIST RMF or controls assessment
• Experience as a SOC Security Analyst and familiarity with industry leading security products such as SIEMs and networking mapping, vulnerability scanning and packet capture and data analytics tools
• Experience of network anomaly detection using traffic analysis or network intruder detection systems
• A basic understanding of the cyber kill chain in relation to Advanced Persistent Threats (APTs)
• Experience and knowledge of threat actor tactics, techniques and procedures, vulnerabilities, attacks and countermeasures.
• Experience of presenting on cyber security issues
• Experience in the aerospace industry or working with DoD / U.S. federal government programs

Responsibilities

• Conduct security control assessments against CMMC and/or NIST SP 800-53 (and related standards as applicable).
• Plan assessment activities: scope, methodology, schedules, evidence requests, interviews, and sampling.
• Evaluate control implementation and effectiveness through documentation review, technical validation, and stakeholder walkthroughs.
• Collect, validate, and organize assessment evidence; maintain clear traceability from requirements to test results.
• Produce assessment deliverables such as control test plans, assessment reports, findings/risk statements, POA&Ms, and executive summaries.
• Identify control gaps and provide practical remediation recommendations aligned to risk and operational constraints.
• Partner with engineering, IT, security, and program teams to validate remediation and perform follow-up testing.
• Support governance activities including policy/standard updates, risk register inputs, and continuous monitoring improvements.
• Contribute to audit readiness and compliance support for federal/DoD-aligned environments (e.g., SSP/assessment artifacts as relevant).
• Maintain professional documentation standards and ensure consistent assessment quality across programs.

Benefits

• bonus
• employee support assistance
• employee discounts
• health, dental, vision, disability, life and accidental death & dismemberment insurance
• a flexible spending account
• a health savings account
• a 401(k) retirement savings plan with a company match
• Employee Assistance Program
• Paid Time Off
• certain paid holidays
• paid parental and family care leave
• tuition reimbursement
• a long-term incentive plan