Sr Cybersecurity Compliance Auditor

Our organization is seeking a seasoned Senior Cybersecurity Compliance Auditor to provide critical, independent assurance of our security posture against national security regulations. In this role, you will become the internal authority on business unit and corporate systems compliance with CMMC 2.0, DFARS 252.204-7012, and NIST SP 800-171. You will be responsible for leading rigorous assessments, validating security control effectiveness, and ensuring our readiness for formal C3PAO audits. This position is ideal for a meticulous professional who excels at evidence-based evaluation and can effectively communicate findings to drive continuous improvement across the enterprise.The Mission Solutions and Technologies (MST) business area provides affordable, turn-key command/control, communications, integrated ISR, force protection and security solutions worldwide. The MST team has a long legacy of supporting the Department of Defense, Department of Homeland Security, commercial and international customers with years of experience in platform operations, engineering and full lifecycle management across domains – air, land, sea, space and cyber.Responsibilities:Objectively assess and validate the implementation and effectiveness of security controls through evidence collection, technical testing, and stakeholder interviewsDesign and execute test procedures to verify control efficacy and identify potential gaps in our compliance postureAuthor formal audit reports with clear findings, root cause analysis, and actionable, risk-based recommendations for remediationAct as a primary liaison during external C3PAO audits, presenting evidence, clarifying implementations, and defending the organization's compliance positionMentor junior analysts on audit methodologies, evidence gathering, and regulatory interpretationIdentify physical and logical safeguards for systems that process, store, or transmit Controlled Unclassified Information (CUI)Analyze system infrastructure and security protection tools to ensure settings are aligned with internal requirements and standards established in NIST, NSA, and related authoritative publicationsUtilize methodologies and tools to manage assessment engagements from planning to reporting and follow-upEnsure alignment between cybersecurity control requirements and people, processes, and technologies deployed to enforce themInterview system owners to gain understanding of how their systems are configured to protect the confidentiality and integrity of dataQualifications You Must Have:Bachelor's degree in Cybersecurity, Information Technology or related or 10 or more years of relevant experienceA higher level degree may substitute for experienceEquivalent professional experience (8+ years in a direct audit/assessment role) will be considered in lieu of required educationExperience supporting, troubleshooting, and administering a variety of networks, OSs, and applicationsStrong knowledge and experience administering a variety of current Microsoft platformsKnowledge of data security administration principles, methods, and techniquesFamiliarity with domain structures, user authentication, and digital signaturesDemonstrable experience leading formal security assessments or audits (internal or external) Demonstrable skill in audit methodologies, including evidence collection, sampling techniques, and stakeholder interviewsExperience in developing evidence-based audit workpapers and documentationExceptional communication skills, with a proven ability to articulate complex technical findings and risks to both technical and executive audiencesThe ability to obtain and maintain a Secret U.S. Security Clearance is requiredQualifications We Prefer:Hands-on experience with GRC platforms (e.g., eMASS, ServiceNow GRC) for managing controls and evidenceProven experience creating and maturing System Security Plans (SSPs) and Plans of Action & Milestones (POA&Ms)Familiarity with the NIST Risk Management Framework (RMF)Prior experience performing assessments within the Defense Industrial Base (DIB)Direct experience working for a C3PAO or in a similar external assessment capacityOne or more of the following professional certifications:Audit-focused: Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA)Cybersecurity-focused: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)CMMC-focused: CMMC Certified Professional (CCP) or CMMC Certified Assessor (CCA)Estimated Starting Salary: $113,428.57 - $155,964.28SNC offers annual incentive pay based upon performance that is commensurate with the level of the position.SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more.IMPORTANT NOTICE:This position requires the ability to obtain and maintain a Secret U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.Learn more about the background check process for Security Clearances. SNC is a global leader in aerospace and national security committed to moving the American Dream forward. We’re known and respected for our mission and execution focus, agility, and disruptive and rapid innovation. We provide leading edge technologies and transformative solutions that support our nation’s most critical security needs. If you are mission-focused, thrive in collaborative environments, and want to make our country stronger with state-of-the-art technologies that safeguard freedom, join our team!SNC is an Equal Opportunity Employer committed to an environment free of discrimination.  Employment decisions are made based on merit without regard to race, color, age, religion, sex, national origin, disability, status as a protected veteran or other characteristics protected by law.

Created: 2025-07-07