Overview:

The Cybersecurity Compliance Assessor is responsible for the performance of cybersecurity framework assessments to determine compliance with Government-mandated cybersecurity regulatory requirements. This includes Cybersecurity Maturity Model Certification (CMMC) for Maturity Levels 1, 2, and 3, NIST SP 800-171, NIST SP 800-172, NIST SP 800-53 (RMF), ISO 27001, CIS, the NIST Cybersecurity Framework,

Responsibilities:

Conduct cybersecurity assessments for a broad range of customer environments to determine any gaps that exist between compliance requirements and actual implementation based on common NIST standards, such as NIST SP 800-53, NIST SP 800-82, and NIST SP 800-171.

• Lead or participate in assessment teams to evaluate organizations against compliance standards.
• Develop & manage assessment project plans.
• Work with the customer to conduct interviews and observe technical implementations.
• Provide guidance to customers, as needed, to facilitate compliance requirements.
• Conduct compliance and cybersecurity workshops.
• Create assessment reports and gap analysis reports.
• Create System Security Plans, Plan of Action & Milestones, and security procedures.

Basic Qualifications:

• College degree (or equivalent experience/military) or 4 years of direct cybersecurity or IT experience are required.
• Must have one or more of the following certifications: CISA, CISSP, CCSP, CISM, CASP+, CCISO, GCED, GCIH, GSLC.
• Prior cybersecurity assessment experience is required.
• Experience in technical document writing.
• Experience in a security/compliance focused role with 3 - 5+ years of experience performing technical security audits and risk assessments.
• Minimum 1+ years’ experience with cloud-based concepts with an emphasis on security and auditing AWS or Azure controls.
• The ability to pass a federal background check is required.
• Successful drug screening.
• Must be eligible to obtain and maintain a security clearance.
• U.S. Citizenship required.
• Willingness to travel as needed.

Preferred Qualifications:

• Certified CMMC Practitioner (CCP).
• Certified Provisional Assessor (CPA).
• CMMC Registered Practitioner (RP)/Registered Practitioner Advanced (RPA).
• 3+ years’ experience with cloud-based concepts with an emphasis on security and auditing AWS or Azure controls.

Boston Government Services, LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.