Cybersecurity Compliance Advisory Analyst I
Sierra Nevada Corporation · Sparks, NV · 1 mo ago
Information TechnologyFull-time
About the role
We may have the perfect opportunity for you. As a Cybersecurity Compliance Advisory Analyst I at Sierra Nevada Company, you will be an integral part of our Governance, Risk, and Compliance (GRC) team.
Responsibilities
- Support the GRC team in developing and maintaining a unified CMMC 2.0 and DFARS compliance program across the organization.
- Assist in interpreting and translating cybersecurity regulations (NIST SP 800-171, CMMC 2.0, and DFARS 252.204-7012) into actionable guidance for internal stakeholders.
- Help system owners gather and organize documentation in preparation for internal and external assessments, readiness reviews, and mock assessments.
- Research and track evolving cybersecurity regulations, standards, and best practices relevant to the Defense Industrial Base (DIB).
- Aid in reviewing contracts and solicitations to identify applicable cybersecurity requirements and compliance obligations.
- Support monitoring of supplier and vendor cybersecurity compliance against contractual obligations and regulatory standards.
Qualifications
- You Must Have: Bachelor's degree in a related field. 0-2 years in a related role. Relevant experience can be considered as a substitute for the required educational qualifications. In the absence of a degree, a minimum of 4 years of related experience is required.
- Basic understanding of cybersecurity principles and practices.
- Familiarity with network security, threat analysis, and incident response.
- Knowledge of data security administration principles, methods, and techniques.
- Fundamental understanding of, or strong desire to learn, NIST SP 800-171, DFARS 252.204-7012, and the Cybersecurity Maturity Model Certification (CMMC) 2.0.
- Strong analytical and organizational skills, with keen attention to detail.
- Strong written and verbal communication skills, with the ability to translate complex regulatory requirements into clear, actionable guidance.
- The ability to obtain and maintain a Top Secret U.S. Security Clearance is required.
Qualifications We Prefer
- Ability to read and interpret security and technical documentation.
- Proven track record of maintaining the confidentiality of high-sensitivity projects and data.
- Internship or project experience related to cybersecurity compliance, IT audit, or governance, risk, and compliance (GRC).
- Familiarity with contract language, procurement processes, or supply chain concepts within a government contracting environment.
- Familiarity with ISO 9001 or similar quality management frameworks.
- Relevant entry-level certifications (e.g., CompTIA A+, Network+, Security+) are a plus, but not required.
- Exposure to or academic coursework in federal regulatory frameworks, defense acquisition, or government contracting.