Jobs · Sales · Colorado

Senior Cyber Risk & Compliance Specialist

York Space Systems · Greenwood Village, CO · 1 wk ago
SalesFull-time

Key Responsibilities

  • Lead CMMC Level 2 implementation, readiness activities, and assessment preparation
  • Own control testing, validation, and compliance monitoring activities
  • Manage and mature the Plan of Action & Milestones (POA&M) program
  • Conduct enterprise cyber risk assessments and facilitate risk management activities
  • Maintain and mature the enterprise cyber risk register
  • Perform control gap analyses and develop remediation recommendations
  • Lead cybersecurity vendor and third-party risk reviews
  • Support SOX IT General Controls (ITGC) compliance activities and audit engagements
  • Coordinate internal and external audit responses
  • Develop, maintain, and improve cybersecurity policies, standards, baselines, and procedures
  • Support enterprise AI governance and cybersecurity governance initiatives
  • Partner with IT, Engineering, Security Operations, Legal, HR, and business stakeholders to drive compliance and risk reduction efforts
  • Independently manage cybersecurity projects and program initiatives from planning through execution

Required Qualifications

  • 7+ years of cybersecurity, risk, compliance, audit, governance, or related experience
  • Experience supporting one or more cybersecurity frameworks such as CMMC, NIST SP 800-171, NIST Cybersecurity Framework (CSF), RMF, ISO 27001, FedRAMP, SOC 2, or SOX
  • Experience conducting risk assessments and control evaluations
  • Experience supporting audits, assessments, or regulatory compliance initiatives
  • Strong understanding of cybersecurity risk management principles
  • Excellent written and verbal communication skills
  • Ability to work effectively across technical and non-technical teams
  • Strong project management and organizational skills
  • Ability to obtain a US security clearance

Preferred Qualifications

  • Experience in the following areas: Supporting defense, aerospace, government contracting, or highly regulated environments
  • Supporting Microsoft GCC High environments
  • Experience with Hyperproof or similar GRC platforms
  • Supporting cybersecurity governance initiatives in cloud and hybrid enterprise environments
  • Experience in supporting AI governance, data governance, or emerging technology governance programs

Similar jobs