• Perform end-to-end space and ground system security assessments, control implementation, and development of mitigation plans; support the concept of operations, system architecture and design, integration and test environments, and continuous monitoring. • Develop system security implementation plans and means of meeting security reporting requirements. • Develop policies, procedures, and standards in alignment with NIST standards (e.g., NIST 800-53/800-171) and industry best practices. • Perform risk-based security assessments, identify appropriate control and mitigation strategies, and derive and allocate security requirements to the system hardware and software elements. • Actively participate in design reviews, technical interchange meetings, and working groups to ensure compliance with security and control requirements. • Support trade studies as required to meet system security requirements. • Support the Authorization to Operate (ATO) process by generating necessary reporting and accreditation documents, such as Plans of Action and Milestones (POA&Ms). • Lead/Facilitate internal and Customer Security Reviews to present security requirements, system assessment, control implementation, and mitigation methods. • Ability to validate system hardening based on current DISA STIGs and/or CIS Level 2 benchmarks. • Lead and participate in vulnerability tracking, remediation, and closure. • Perform system architecture and engineering design, including networking, identity and access management, application and data security, and system design.

• Ensure the security, compliance, and continuous monitoring of enterprise information systems • Support federal security frameworks, risk management activities, and audit readiness efforts while safeguarding sensitive organizational data • Collaborate with technical teams, leadership, and auditors to assess vulnerabilities • Maintain authorization documentation and strengthen governance and compliance processes • Support risk management and continuous monitoring activities to identify and mitigate security vulnerabilities • Administer and maintain GRC tools to support audit logging, compliance reporting, and security control monitoring • Prepare documentation and evidence to support federal audits (NIST 800‑53, FISMA, SOC 1/SOC 2, DATA Act, etc.) • Maintain and update Security Authorization Package artifacts such as SSPs, Risk Assessments, and Security Control Assessments • Support remediation activities and track audit inquiries and corrective actions • Assist with project management functions including milestone tracking, compliance forecasting, and deliverable oversight • Produce regular security posture reports and executive‑level dashboards • Ensure enforcement of security policies, procedures, and RMF requirements • Work cross‑functionally with administrators, developers, and stakeholders to integrate security best practices • Translate complex technical vulnerabilities into clear, actionable insights for leadership and auditors

Role Description As a Lead CMMC Cybersecurity Assessor (LCCA), you will serve as the senior authority responsible for directing and executing formal CMMC Level 2 assessments for organizations required to have the CMMC certification. In this role, you will lead assessment teams, validate compliance with Department of War (DoW/DoD) cybersecurity requirements, and make final determinations regarding certification readiness. You will oversee the full assessment lifecycle, including: - Scoping - Evidence review - Technical validation - Final reporting This position requires deep expertise in cybersecurity frameworks, strong leadership capabilities, and the ability to communicate complex findings clearly and objectively to both internal teams and client stakeholders. The LCCA plays a critical role in maintaining the integrity, consistency, and rigor of the CMMC assessment process while ensuring assessments align with: - 32 CFR Part 170 - The CMMC Assessment Process (CAP) - C3PAO Professional Code of Conduct - Kieri Solutions ethical standards Qualifications - Lead CMMC Certified Assessor (LCCA) certification required - Previous certification as a CMMC Certified Assessor (CCA) - Listed in the Cyber AB Marketplace as a LCCA - Active security clearance - 7+ years of hands-on IT or cybersecurity experience, including networking, servers, virtualization, cloud or hybrid environments, and user endpoints - Demonstrated experience with cybersecurity compliance frameworks such as: NIST SP 800-171, RMF, FedRAMP, ISO 27001, SOC, PCI - Strong ability to interpret technical and compliance requirements and evaluate control implementation objectively - Excellent analytical, technical writing, and documentation skills - Ability to lead complex assessment engagements and coordinate cross-functional technical teams - Strong attention to detail, time management, and ability to perform under structured assessment timelines - Team-oriented mindset with a commitment to collaboration and assessment integrity Requirements - Lead CMMC Certified Assessor (LCCA) certification required - Previous certification as a CMMC Certified Assessor (CCA) - Listed in the Cyber AB Marketplace as a LCCA - Active security clearance - 7+ years of hands-on IT or cybersecurity experience, including networking, servers, virtualization, cloud or hybrid environments, and user endpoints - Demonstrated experience with cybersecurity compliance frameworks such as: NIST SP 800-171, RMF, FedRAMP, ISO 27001, SOC, PCI - Strong ability to interpret technical and compliance requirements and evaluate control implementation objectively - Excellent analytical, technical writing, and documentation skills - Ability to lead complex assessment engagements and coordinate cross-functional technical teams - Strong attention to detail, time management, and ability to perform under structured assessment timelines - Team-oriented mindset with a commitment to collaboration and assessment integrity Benefits - Base Pay: $155,000-$165,000 - Remote Work & Flexible Schedule: Work from home full-time with the option to travel - Work-Life Balance: We prioritize work-life balance with flex-time policies and strictly limited overtime - Competitive Benefits: Enjoy benefits, including 401(k) match, health insurance, and more

Lead investigations and remediation efforts, champion AI and automation in SecOps, develop detection engineering and threat hunting capabilities, and operationalize threat intelligence to identify emerging threats across the attack surface.