About the Role
We are seeking a Cybersecurity Specialist with 7–10 years of total professional experience and at least 1–2 years of hands-on ISSO experience. This is a career growth opportunity—ideal for someone who is highly driven, ready to deepen their expertise, and aspires to roles such as future CISO, but has not already served in executive leadership roles. You’ll work alongside a team of security experts to help clients meet cybersecurity compliance requirements, including CMMC, FedRAMP, and FDA regulations, while being exposed to and trained in additional domains such as PCI-DSS, HITRUST, ISO 27001, and military COMSEC practices.Key Responsibilities
- Work collaboratively within a team of cybersecurity professionals supporting client delivery and security program development.
- Implement and maintain security programs aligned with CMMC, FedRAMP, and FDA cybersecurity compliance.
- Draft, edit, and manage high-quality security documentation, including:
- System Security Plans (SSPs)
- Plans of Action and Milestones (POA&Ms)
- Incident Response Plans
- Security policies, procedures, and network/boundary diagrams
- Perform gap assessments, control implementations, and readiness reviews.
- Track complex activities and manage timelines with exceptional attention to detail.
- Participate in client meetings, status briefings, and remediation planning.
- Rapidly learn and apply new frameworks and standards beyond public sector requirements (e.g., PCI-DSS, HITRUST, ISO).
- Support system ATO efforts, vulnerability management activities, and continuous monitoring.
Qualifications
- 7–10 years of professional experience in information security, cybersecurity, or IT risk management roles.
- 1–2 years of direct experience as an Information System Security Officer (ISSO).
- Hands-on experience with at least one of the following frameworks: CMMC, FedRAMP, or FDA cybersecurity.
- Strong ability to write and maintain security documentation quickly and clearly.
- Highly organized, capable of tracking multiple workstreams without losing sight of priorities.
- Ability to move fast, execute with discipline, and deliver under deadlines.
- Strong work ethic, self-motivated, and committed to delivering excellent results.
- Eagerness to learn new compliance domains, including commercial frameworks like PCI-DSS, HITRUST, ISO 27001, and/or military COMSEC practices.
- Excellent written and verbal communication skills in technical and client-facing contexts.
- Aspiring CISOs welcome. This role is a launchpad, not a final destination.
What We Offer
- A mission-driven culture supporting national security, healthcare, and defense compliance needs.
- Exposure to multiple frameworks and industries to build a well-rounded cybersecurity skill set.
- A fast-paced, supportive environment with mentorship and career advancement.
- A strong, team-based culture where excellence, speed, and precision are celebrated.
Additional Considerations
- Technical Proficiency: Experience with cloud environments (AWS, Azure, GCP) and associated security services is highly advantageous when advising on FedRAMP or CMMC compliance.
- Soft Skills: Strong communication, presentation, and project management skills are critical for guiding teams through complex compliance requirements and for interfacing with quazi-governmental entities.