Remote - Dod / Cmmc Cybersecurity Compliance Assessor, Auditor (Senior/Mid)

$80,000.00 - $100,000.00 per year.

FULLY REMOTE (U.S. Only).

NO TRAVEL (0% Travel).

Full-time, permanent, salaried.

W-2 plus benefits.

About Peerless
Looking to join a company that inspires employee growth and advancement? Are you eager for new challenges and making a difference in your work environment? Peerless Tech Solutions is a growing, national Managed Security Service Provider (MSSP) focused on Cybersecurity compliance for Defense, Federal, and Commercial customers. We believe in national security and supporting the important mission of DoD contractors and the warfighters they serve. We take pride in employee development and promote an energetic workplace. If you are looking for your hard work to make a difference, then Peerless Tech Solutions is the place for you.

Learn more about us @ https://www.getpeerless.com and https://blog.getpeerless.com

Summary

• Requires very strong work ethic, attention to detail, research skills, and writing skills.
• This position reports to our Director of Cybersecurity and Compliance, not to a generic program manager. That means being challenged and mentored as you grow your knowledge and abilities with us.
• Promotion potential to Senior, Principal, Team Lead, or Manager – per desire and demonstrated ability.
• Primary duties include conducting Gap Assessments and providing expert consulting to a multitude of customers with unique environments. Secondary duties include compliance research, cyber / technical research, knowledge support to other teams, and innovating on deliverables, internal tools, and practices.

Responsibilities

• Execute project tasks, coordination, and delivery with minimal oversight.
• Lead customer meetings and engage directly with customers on Cybersecurity topics.
• Mentor junior-level teammates and cross-train other teams.
• Provide Cybersecurity knowledge support to Engineering, Help Desk, and Sales teams.
• Evaluate policy documentation and evidence for compliance in accordance with control objectives and internal process.
• Write content for baseline Cybersecurity policies, questionnaires, and customer documentation.
• Conduct thorough research on a wide variety of Cybersecurity topics and technologies.
• Research and determine recommendations for remediation, mitigation, and best practice.
• Coordinate with customer, Engineering, and Help Desk teams to gather information, status, and evidence of compliance.
• Provide reports, status updates, information, and responses to customers as related to Cybersecurity services.
• Install, configure, and maintain Cybersecurity tools and software products.
• Prepare and input data for project deliverables and internal tools.
• Document processes, refine them, and design / suggest changes to enhance service efficiency and value to customers.

Experience Required

• Passion for Cybersecurity and technology.
• High productivity and self-motivation while working remotely.
• Very strong attention to detail and writing skills.
• Strong research and analysis skills.
• Participation in formal Cybersecurity and related compliance assessments, compliance reviews, gap analysis, and/or audits.
• Security Control Assessment (SCA) and compliance auditing.
• Subject Matter Expert (SME) in Cybersecurity topics and ability to consult with customers.
• Demonstrated responsibility in project and service delivery.
• Ability to read through, organize, and summarize large amounts of content and data.
• Microsoft Office at an intermediate level (Excel, Word, PowerPoint, Visio, etc.)
• Well-rounded knowledge of Cybersecurity methodologies and technologies, such as: encryption, access control, network perimeter defense, defense-in-depth, zero trust architecture, event correlation, system hardening, etc.

Experience Desired

• Cybersecurity compliance knowledge (ex. NIST SP 800-171, CMMC, DFARS 7012, NIST / DoD Risk Management Framework [RMF], ICD 503, NIST SP 800-37, NIST SP 800-53, NIST SP 800-30, FedRAMP, ISO 27001 / 27K, PCI DSS, FFIEC, HITRUST, SOC 2.)
• In-depth experience with complex compliance frameworks, such as NIST / DoD RMF, NIST SP 800-53, FedRAMP, and the DoD Cloud SRG.
• Cybersecurity software product experience (ex. GRC, VulnScan, SIEM, DLP, etc.)
• System Architecture, System Administration, Network Administration, Security Operations Center, and/or IT Help Desk experience with Windows and Linux / Unix.
• Military or Federal Cyber Security, Information Assurance (IA), or Information Security (INFOSEC) background.
• Cloud administration, cloud architecture, and/or Cybersecurity knowledge of Microsoft Azure, Microsoft 365 / Office 365 (M365/O365), Amazon Web Services (AWS), Google Cloud Platform (GCP), and Google Workspace.
• Scripting or programming skills (ex. JSON, REST, XML, HTML, VBA, VBScript, PowerShell, .NET, Python, JavaScript, Java).
• Independent study of Cybersecurity towards industry-recognized certifications.
• Active security clearance (Public Trust, Secret, Top Secret, SCI, etc.)

Education / Certification Requirements

• CompTIA Security+/CASP+/CySA+, ISC2 CISSP/CAP, or ISACA CISM/CISA/CRISC certification.
• Minimum 4yrs Cybersecurity-focused work experience.
• Bachelor's degree or minimum 6yrs IT / Cybersecurity work experience.
• Master's degree or minimum 4yrs IT / Cybersecurity work experience.

Other Requirements

• U.S. Citizenship.
• Passing of background check and drug screening.
• 0% Travel.

Job Application Note

• Skill Assessments and phone questions are optional to be considered for this job, though they may help your standing and you may be asked to take them after passing initial screening.

Job Types: Full-time, Permanent

Pay: $80,000.00 - $100,000.00 per year

Benefits:

• 401(k)
• Dental insurance
• Flexible schedule
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Professional development assistance
• Referral program
• Retirement plan
• Vision insurance

Compensation package:

• Bonus opportunities
• Performance bonus
• Yearly bonus
• Yearly pay

Experience level:

• 4 years

Schedule:

• Monday to Friday

Application Question(s):

• Have you participated in formal Cybersecurity or related compliance assessments / audits? Please describe.
• Do you have hands-on experience performing a Cybersecurity assessment? Please indicate approximately how many assessments, against what control sets or frameworks, and describe your role(s). Please do not provide any sensitive information.
• Do you intend to maintain any other employment, contract work, consulting, military, public service, or other obligations while employed with us? If so, please describe.
• Have you conducted a formal, methodology-based evaluation of security controls and their requirements? Were any of these evaluations technical in nature? Please describe.
• Are you able to dedicate a minimum of 40 highly productive hours per week to this job?
• Are you comfortable and proficient with extensive writing? Have you ever written cybersecurity policy? Please describe.
• What are your annual salary and other compensation expectations?
• In what Metropolitan Area, City, and State are you located?

Experience:

• Cybersecurity-focused work: 4 years (Required)
• Compliance assessment / audit / control evaluation: 2 years (Required)

License/Certification:

• U.S. Citizenship (Required)
• Security+/CASP+/CySA+, CISSP/CAP, or CISM/CISA/CRISC (Required)
• employment history and can pass a thorough background check (Required)

Security clearance:

• Secret (Preferred)

Work Location: Remote