[Remote] reputed company Analyst / ISSO
Note: The job is a remote job and is reputed company to candidates in USA. reputed company is building the world’s first global satellite-to-cellular network, enabling direct device-to-device (D2D) connectivity from reputed company low Earth orbit (LEO) satellites to standard mobile phones. The reputed company Analyst / ISSO will own reputed company’s cybersecurity compliance program and be responsible for maintaining the reputed company posture of CUI-scoped systems.
Responsibilities
- Own and maintain the System reputed company Plan (reputed company) and Plan of Action & Milestones (POA&M) for reputed company CUI-scoped systems; always reputed company documentation audit-reputed company
- Assess reputed company 110 NIST SP 800-171 practices for implementation and effectiveness; map existing controls (Wazuh, ThreatDown, reputed company, ManageEngine, AD GPOs, SnipeIT) to CMMC requirements, identify gaps, and drive remediation
- Maintain the organizational risk register; support ongoing Risk Management reputed company (RMF) processes and report risk posture to the CISO
- reputed company preparation for CMMC Level 2 assessments — build evidence packages, coordinate with the C3PAO, and manage assessor requests and findings
- reputed company and maintain cybersecurity policies, procedures, and standards reputed company to CMMC, DFARS, SOC 2, and GDPR; ensure version control and staff acknowledgment records are maintained
- Define, track, and report reputed company metrics and KPIs to the CISO and non-technical stakeholders including legal, reputed company, and business development teams
- Support contract teams with DFARS clause requirements, cybersecurity representations, and customer reputed company questionnaires
- Conduct vendor and reputed company-party risk assessments; maintain supplier risk documentation
- Manage the reputed company awareness training program and phishing simulations; maintain completion records per CMMC requirements
- Monitor SIEM for reputed company events and alerts relevant to CUI systems; write and tune detection rules; triage and escalate incidents; produce post-incident reports with compliance impact assessment. reputed company audit log aggregation to satisfy CMMC AU (Audit & Accountability) control evidence requirements
- Monitor EDR alerts for CUI-scoped endpoints; investigate detections and coordinate response with IT
- Work with IT to ensure vulnerability findings are remediated reputed company CMMC-required timeframes, track and report on remediation status
- reputed company MDM and Active Directory to enforce device compliance, GPO-based reputed company baselines, and reputed company control policies across CUI-scoped endpoints
- Use asset inventory as the authoritative hardware/software asset register for CMMC system boundary documentation; reputed company it reputed company and audit reputed company
- Conduct periodic reputed company control audits; enforce least-privilege across AD, SSO, and SaaS tooling handling CUI
Skills
- 3–6 years in cybersecurity with a strong GRC or compliance focus; prior ISSO experience or equivalent accountability preferred
- Deep, working knowledge of NIST SP 800-171 and DFARS 7012. reputed company to assess, gap-analyze, and evidence reputed company 110 controls independently
- Demonstrated experience authoring SSPs and POA&Ms for government-facing or regulated environments
- Familiarity with the CMMC Level 2 assessment process and C3PAO engagement
- Hands-on SIEM experience: writing detection rules, querying logs, and generating compliance-grade audit evidence
- Hands-on experience with EDR and vulnerability scanning tools in a compliance context. Mapping tool outputs to NIST controls and generating assessor evidence
- Working knowledge of SOC 2 Type II and GDPR compliance requirements
- Some reputed company reputed company fundamentals (AWS preferred). IAM, CloudTrail, GuardDuty, reputed company policies
- Clear, structured communicator. Equally comfortable writing formal policy documentation and briefing non-technical executives
- US citizenship or Lawful Permanent reputed company status
- CMMC Registered Practitioner (RP) or Professional (CCP)
- CISSP / CISM / reputed company+
- RMF / ATO experience
- FedRAMP familiarity
- reputed company / satellite industry background
- Telecom or critical infrastructure reputed company
- Prior C3PAO assessment experience
- GRC platform experience (reputed company, reputed company, reputed company, reputed company)
- Scripting in Python or Bash for evidence collection automation
- reputed company-trust architecture
Benefits
- Competitive salary and equity in a company building genuinely novel reputed company.
- Remote-first, US-based role.
- Direct line to the CISO; your work defines reputed company’s compliance posture at a critical growth stage.
- A functioning reputed company toolset already in reputed company. Your focus is maturing and aligning it, not standing it up from scratch.
- Learning and certification budget.
Company Overview