Soteria - Security Solutions & Advisory

Senior Security Advisor – Lead Control Assessor

full-time

Location Type: Remote

Location: South Carolina, United States

About the role

  • Lead and execute cybersecurity control assessments against a defined subset of key controls aligned to established frameworks (NIST SP 800-53 Rev. 5).
  • Assess control implementation status using standardized criteria and validation methodologies (NIST SP 800-53A Rev. 5).
  • Test information systems using documentation review, system walk-throughs, and stakeholder interviews to assess the design and operating effectiveness of NIST SP 800-53 Rev. 5 security controls.
  • Apply consistent judgment to determine evidence sufficiency and appropriateness.
  • Lead planning, kickoff, execution coordination, and closeout activities for assigned assessment engagements.
  • Coordinate assessment activities and task assignments across Control Assessors to meet delivery timelines.
  • Serve as the primary point of contact for client stakeholders during assessment engagements.
  • Review and approve assessment narratives, findings, and control determinations prior to quality assurance submission.
  • Ensure assessments are executed consistently across multiple clients to support trend analysis and benchmarking.
  • Enforce adherence to defined assessment methodologies, scope boundaries, and validation standards.
  • Support quality assurance reviews by addressing feedback and ensuring accuracy, clarity, and consistency of deliverables.
  • Lead and participate in client interviews, system walkthroughs, and working sessions in a professional, structured manner.
  • Clearly communicate assessment scope, expectations, and evidence requirements to stakeholders.
  • Present assessment results, key findings, and risk implications to executive leadership and board-level stakeholders in a clear, concise, and professional manner.
  • Mentor and guide Control Assessors on assessment techniques, documentation standards, and professional judgment.
  • Escalate risks, issues, or control interpretation questions to program leadership as appropriate.

Requirements

  • 7+ years of industry experience in cybersecurity, information security, IT audit, or risk and compliance.
  • 2+ years of experience leading or performing cybersecurity control assessments or IT audits, with demonstrated responsibility for control testing and validation.
  • Bachelor’s degree in Information Security, Information Systems, Computer Science, or a related field, or equivalent professional experience.
  • Relevant professional certifications such as CISSP, CISM, CISA, CRISC, or equivalent, strongly preferred.
  • Proven experience testing and evaluating security controls aligned to NIST SP 800-53 Rev. 5 and applying assessment procedures consistent with NIST SP 800-53A Rev. 5.
  • Experience executing repeatable, methodology-driven assessment programs across multiple organizations or systems.
  • Strong written and verbal communication skills, including experience presenting assessment results to executive and board-level audiences.
  • Maintains confidentiality and professionalism with sensitive client information.

Benefits

  • Remote work flexibility
  • Professional development opportunities
  • Health insurance
  • Retirement plans

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • cybersecurity control assessments, control testing, validation methodologies, NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, information systems testing, assessment methodologies, documentation standards, risk assessment, trend analysis

Soft Skills

  • communication skills, leadership, mentoring, professional judgment, coordination, client engagement, quality assurance, problem-solving, attention to detail, confidentiality

Certifications

  • CISSP, CISM, CISA, CRISC