US Cyber Security Officer (Remote)

The role of Cyber Security Officer is responsible for interpreting regulatory and contractual requirements, mapping controls, assessing controls and advising IT/OT and business teams on control implementation. The Cyber Security Officer is expected to support activities for security risk management, reporting, policy lifecycle, training and awareness, governance, risk and compliance program delivery, and third-party risk management. This position will be collaborating with stakeholders across various business departments such as IT, Legal and Compliance, and HR to ensure risks are managed effectively and efficiently in accordance with company policies and applicable requirements.

Risk and Compliance:

• Assist in maintaining US Defense certification and accreditation.
• Support risk identification, assessment, response, mitigation, control monitoring, and reporting.
• Gather and evaluate information for auditors, regulators, and compliance partners.
• Develop and perform tests to evaluate key controls.
• Review test findings, identify control weaknesses, and recommend actions.
• Support issue management, risk acceptances, and corrective action programs.
• Deliver high-quality reporting and communicate effectively in technical and business terms.
• Support workforce security activities, including culture, awareness, and training.
• Coordinate and respond to alerts and directives, and submit incident reports.
• Coordinate local incident response activities and liaise with security operations, business, regulators, and third parties.
• Complete supplier assurance questionnaires and conduct risk assessments.

Governance:

• Develop, implement, and maintain governance, risk, and compliance processes.
• Improve security framework, methodology, standards, and internal controls.
• Report findings, track status, and ensure corrective actions.
• Support operational reporting, management communications, and executive governance committees.
• Lead continuous improvement initiatives.
• Maintain relationships with auditors, regulators, and compliance partners.

GRC Systems Administration:

• Support operation and administration of GRC systems for Cyber Security and IT.
• Develop and configure GRC system services and improvements.
• Specialize in questionnaires, workflows, reports, and dashboards.
• Serve as a resource to Cyber Security, IT/OT, and business teams on GRC matters.

Safety First:

• Follow all HSE rules and regulations.

Join our team to enhance our governance, risk, and compliance processes and contribute to our continuous improvement initiatives!

• Bachelor's degree in a technology-related field or equivalent experience.
• 3+ years of experience in security and compliance which includes experience in cyber security governance, risk, and compliance management, as well as awareness of cyber threats and vulnerabilities.
• Proficiency in writing policies, procedures, and controls for various standards and frameworks, andthe ability to work inlarge, highly regulated environments.
• Proven knowledge of aerospace regulations and export control requirements and understanding of risk management processes.
• Provenexperience in CMMC andNIST SP 800-171, NIST SP 800-53Frameworks.
• Experience in coordinating third-party assessments.
• US Person per ITAR regulations to comply with export compliance requirements.

Preferred Qualifications:

• Capability to work independently and handle ambiguity.
• Knowledge of computer networking concepts and network/system security methodologies.
• Familiarity with RMF for US DoD security programs and risk management practices.
• Understanding of NISPOM, JSIG, ICD 503, and DCSA DAAPM.
• Knowledge of DISA STIG or equivalent implementation guidance.
• Professional security certifications like CISSP, CISM, or similar.