Security Analyst – ISSO
Lynk
Security Analyst responsible for maintaining compliance programs for Lynk's satellite-to-cellular network. Leading audits and assessments while managing security operations related to CUI systems.
Tech Stack
Tools & technologies: AWS, Cloud, Cyber Security
About the role
Key responsibilities & impact
- Own and maintain the System Security Plan (SSP) and Plan of Action & Milestones (POA&M) for all CUI-scoped systems; always keep documentation audit-ready.
- Assess all 110 NIST SP 800-171 practices for implementation and effectiveness; map existing controls (Wazuh, ThreatDown, Tenable, ManageEngine, AD GPOs, SnipeIT) to CMMC requirements, identify gaps, and drive remediation.
- Maintain the organizational risk register; support ongoing Risk Management Framework (RMF) processes and report risk posture to the CISO.
- Lead preparation for CMMC Level 2 assessments — build evidence packages, coordinate with the C3PAO, and manage assessor requests and findings.
- Develop and maintain cybersecurity policies, procedures, and standards aligned to CMMC, DFARS, SOC 2, and GDPR; ensure version control and staff acknowledgment records are maintained.
- Define, track, and report security metrics and KPIs to the CISO and non-technical stakeholders including legal, contracts, and business development teams.
- Support contract teams with DFARS clause requirements, cybersecurity representations, and customer security questionnaires.
- Conduct vendor and third-party risk assessments; maintain supplier risk documentation.
- Manage the security awareness training program and phishing simulations; maintain completion records per CMMC requirements.
- Monitor SIEM for security events and alerts relevant to CUI systems; write and tune detection rules; triage and escalate incidents; produce post-incident reports with compliance impact assessment. Leverage audit log aggregation to satisfy CMMC AU (Audit & Accountability) control evidence requirements.
- Monitor EDR alerts for CUI-scoped endpoints; investigate detections and coordinate response with IT.
- Work with IT to ensure vulnerability findings are remediated within CMMC-required timeframes, track and report on remediation status.
- Leverage MDM and Active Directory to enforce device compliance, GPO-based security baselines, and access control policies across CUI-scoped endpoints.
- Use asset inventory as the authoritative hardware/software asset register for CMMC system boundary documentation; keep it current and audit ready.
- Conduct periodic access control audits; enforce least-privilege across AD, SSO, and SaaS tooling handling CUI.
Requirements
What you’ll need
- 3–6 years in cybersecurity with a strong GRC or compliance focus; prior ISSO experience or equivalent accountability preferred.
- Deep, working knowledge of NIST SP 800-171 and DFARS 7012. Able to assess, gap-analyze, and evidence all 110 controls independently.
- Demonstrated experience authoring SSPs and POA&Ms for government-facing or regulated environments.
- Familiarity with the CMMC Level 2 assessment process and C3PAO engagement.
- Hands-on SIEM experience: writing detection rules, querying logs, and generating compliance-grade audit evidence.
- Hands-on experience with EDR and vulnerability scanning tools in a compliance context. Mapping tool outputs to NIST controls and generating assessor evidence.
- Working knowledge of SOC 2 Type II and GDPR compliance requirements.
- Some cloud security fundamentals (AWS preferred). IAM, CloudTrail, GuardDuty, access policies.
- Clear, structured communicator. Equally comfortable writing formal policy documentation and briefing non-technical executives.
- US citizenship or Lawful Permanent Resident status.
Benefits
Comp & perks
- Competitive salary and equity in a company building genuinely novel global infrastructure.
- Remote-first, US-based role.
- Direct line to the CISO; your work defines Lynk’s compliance posture at a critical growth stage.
- A functioning security toolset already in place. Your focus is maturing and aligning it, not standing it up from scratch.
- Learning and certification budget.
ATS Keywords
Hard Skills & Tools
- Risk Management Framework (RMF)
- Plan of Action & Milestones (POA&M)
- Cybersecurity Policy Development
- Vulnerability Scanning
- Detection Rule Writing
- Access Control Audits
- Cloud Security Fundamentals
- Asset Inventory Management
- Compliance Evidence Generation
- Third-Party Risk Assessment
Soft Skills
- Clear Communication
- Structured Documentation
- Collaboration with Non-Technical Stakeholders