Support strategic collaboration initiatives with industry partners, engage stakeholders, develop operational plans, and coordinate cyber defense exercises to enhance critical infrastructure and improve the cybersecurity ecosystem.

Role Description As a Certified CCA Assessor, you’ll work with leading manufacturing, IT, Cloud, professional service organizations, and the Defense Industrial Base (DIB) serving the United States Department of Defense (DOD). You will be part of a team that supports the efforts of these organizations to satisfy DOD's Cybersecurity Maturity Model Certification and related government regulations as an assessor to certify organizations’ compliance with CMMC requirements. All CMMC Assessor positions are full time remote. Occasional or limited travel may vary based on client needs. What you'll do - Support assessing whether members of the DIB have adequately prepared for compliance with CMMC regulations. - Evaluate an organization’s readiness for assessment, which includes tasks such as: - Collect and examine evidence, observe, test and analyze results. - Clearly and effectively score OSC practices and validate preliminary results. - Generate preliminary report findings. - Finalize findings for an assessment report and deliver recommended assessment results. Qualifications - Working knowledge of the controls and implementation of DFARS Clause 252.204-7012 (NIST 800-171). - Direct involvement with building reports that clearly communicate met and not met objectives in accordance with assessment guidelines. - Ability to track detailed tasks and ensure timely delivery of project deliverables. - Excellent communication and problem-solving skills. - Critical thinking, and ability to balance security requirements with mission needs. - Must be well-organized and detail-oriented with the ability to coordinate, prioritize multiple tasks, and be adaptable to change to accomplish assignments. - Ability to work independently and as a part of a team. - Professional and polished interpersonal and communication skills with team members and stakeholders. - Hands-on security and consulting experience. Requirements - Completed Bachelor’s degree from an accredited university, preferably in an IT related field. - US Citizenship Required. - Currently possess completed Tier 3 Suitability with the Cyber AB. - Required: Completed CCA Certification, with completed/active Tier 3 Suitability with the Cyber AB. - Minimum 5 to 7 years of overall experience in the IT Security / Cybersecurity industry. - Overall 3 years in a Client facing role providing risk assessment, advisory services, and/or consulting - ideally in a federal environment. - Previous experience working for a CMMC RPO or C3PAO (Candidate or Authorized), or other 3PAO assessments is preferred. Bonus Points - Additional cybersecurity certifications and experience highly desired (i.e., CISSP, CISM). - Experience with NIST 800-37, NIST 800-53, and FISMA. - Experience with FedRAMP assessments and cloud security. - DIB experience. Benefits - Paid parental leave. - Flexible time off. - Certification and training reimbursement. - Digital mental health and wellbeing support memberships. - Comprehensive insurance options.

• SOC Analysts at AHEAD monitor customer environments and perform Incident Detection, Validation, and Incident Reporting. • SOC Analysts are responsible for triaging events, incidents, and reporting validated incidents to the customer for incident response. • Perform troubleshooting of customer issues. • Monitor security feeds streaming from client servers, network devices, and end user workstations. • Operate and maintain network security equipment at client locations. • Perform information security event analysis and must possess knowledge of operating systems, TCP/IP networking, network attacks, vulnerability management, and log analysis.

Role Description Apkudo’s growth has hit a pivotal point of requiring a dedicated person to take over the more technical aspects of our information security management system and certifications. This role is part of our Apkudo Compliance Team whose mission is to drive a commitment and culture of improvement that ensures we maintain a high level and recognizable standard of compliance, quality and ethics. If you have proven professional experience, detailed knowledge of information security auditing, and want to make Apkudo more productive and efficient, this is the role and place for you! Apply today! Qualifications - Professional experience in information security auditing with a focus on SOC 1 & 2 standards - Detailed knowledge of ISO 27001 standard, ISO Certification Process Audits, and SOC 1 and 2 standards - Experience with AWS and Google Workspace - Strong analytical problem-solving skills and attention to detail - Excellent verbal and written communication skills, as well as strong partnership skills - Experience with cybersecurity and auditing, preferably with 3-5 years of experience - Degree in Computer Science, Computer Engineering, IT, or similar field, or 3+ years of IT security or cybersecurity related work experience Requirements - Manage and enforce Apkudo's SOC 1 & 2 Controls, ensuring that all security practices are compliant with industry standards - Be the main point of contact and liaison with external SOC auditors, facilitating effective communication and resolution of audit findings - Perform regular internal audits for SOC and ISO controls, identifying areas for improvement and ensuring that corrective actions are implemented - Lead the Compliance member of our Information Security Council, driving security awareness and training for key security focuses throughout the organization - Monitor and resolve alerts and alarms in critical systems, ensuring that potential security threats are identified and mitigated promptly - Manage security event responses and investigations, providing timely and effective resolution to security incidents - Coordinate regular penetration testing and drive improvement actions, ensuring that Apkudo's security posture is maintained and improved - Be the company administrator for password and phishing management systems, ensuring that security policies and procedures are up-to-date and compliant - Review and update security-related policies and procedures to ensure alignment with industry standards and best practices - Drive awareness and training of key security focuses throughout the organization, ensuring that all employees are equipped to maintain a high level of security awareness - Assist and support company stakeholders with questions regarding information security, providing timely and effective guidance and support - Stay up-to-date with the latest information security management trends and best practices, applying this knowledge to drive security improvements within Apkudo - Work with Legal to identify and ensure compliance with cryptographic and data encryption regulations - Participate in ad-hoc projects related to improving Apkudo's security posture, applying a collaborative and flexible approach to drive security improvements