Cyber Security Risk & Compliance Specialist

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or a related field (Master’s preferred).
• CompTIA Security+ required.
• Experience conducting Nessus Security scans
• Demonstrated experience authoring SSPs, policies, procedures, and audit evidence.
• Familiarity with log collection, analysis, and security monitoring.
• Experience working through the NIST SP 800-37 Risk Management Framework Accreditation Process
• Linux and Windows administration
• Configuration management
• Documentation tooling (version control, document management systems)
• Strong technical security acumen
• Exceptional written documentation skills
• Ability to translate technical systems into audit‑ready narratives
• Analytical mindset with strong attention to detail
• Collaborative and communicative across engineering teams
• Ability to prioritize compliance fundamentals under tight timelines

Nice To Haves

• CISSP or equivalent certification preferred.
• Knowledge of public‑safety radio systems, LMR, or P25 infrastructure
• Federal Experience bringing suppliers through Authorization to Operate (ATO)

Responsibilities

• Create and Maintain A&A documentation needed for Certification and Accreditation, including SSP, SAR, and RAR documents.
• Create, track and manage the Plan of Action & Milestones (POA&Ms) for identified security vulnerabilities and deficiencies.
• Ensure compliance with organizational security policies
• Support system owners in completing security-related responsibilities
• Implement and enforce security controls as documented in the SSP
• Conduct regular assessments to verify proper operation
• Identify security controls tailored to security objectives
• Continuous monitoring responsibilities, including reviewing security logs, analyzing vulnerabilities, and tracking remediation efforts.
• Partner with infrastructure, radio, network, and software teams to embed security and compliance into system design.