Cyber Risk & Compliance Specialist

York Space Systems•Greenwood Village, CO

1d•$115,000 - $125,000•Onsite

About The Position

York Space Systems is seeking a Cyber Risk & Compliance Specialist to support the execution and administration of the company's cybersecurity governance, risk, and compliance programs. This role will work closely with cybersecurity leadership and senior team members to coordinate evidence collection, compliance activities, risk management processes, audit support, and governance initiatives. This position is ideal for an early-to-mid career cybersecurity professional seeking to develop expertise in cybersecurity governance, compliance, risk management, and defense industry cybersecurity requirements.

Requirements

3+ years of cybersecurity, compliance, audit, governance, risk management, or related experience
Familiarity with cybersecurity frameworks such as NIST SP 800-171, NIST CSF, CMMC, RMF, ISO 27001, SOC 2, or similar frameworks
Strong organizational and documentation skills
Experience working with compliance management, audit management, or GRC platforms
Strong written and verbal communication skills
Ability to coordinate activities across multiple teams and stakeholders
Strong attention to detail and ability to manage multiple priorities
Ability to obtain a US Security Clearance
Willingness to work onsite at our Greenwood Village, CO office
US Citizenship

Nice To Haves

Supporting defense, aerospace, government contracting, or highly regulated environments
Supporting Microsoft GCC High environments
Hyperproof or similar GRC platforms
Supporting cybersecurity audits or compliance assessments
Familiarity with CMMC and NIST SP 800-171 requirements
Security+
CMMC CCP
CISA
SSCP

Responsibilities

Coordinate cybersecurity compliance evidence collection and maintenance activities
Administer governance, risk, and compliance platforms, including Hyperproof
Support CMMC Level 2 compliance and assessment readiness activities
Coordinate with control owners across the organization to collect, organize, and maintain compliance artifacts
Maintain cybersecurity metrics, dashboards, and reporting
Support risk register administration and remediation tracking
Assist with cybersecurity vendor and third-party risk assessment activities
Support internal and external audits through evidence preparation and coordination
Track POA&M items and remediation progress
Maintain cybersecurity documentation, policies, standards, procedures, and governance artifacts
Support AI governance and cybersecurity governance initiatives
Assist with continuous improvement efforts across cybersecurity compliance and risk management programs
Support cybersecurity awareness, reporting, and governance activities as needed