
Security Advisor – Control Assessor
Soteria - Security Solutions & Advisory
full-time
Location Type: Remote
Location: South Carolina • United States
About the role
- Execute cybersecurity control assessments against a defined subset of key controls aligned to established frameworks (NIST SP 800-53 Rev. 5)
- Assess control implementation status using standardized criteria and validation methodologies (NIST SP 800-53A Rev. 5)
- Test information systems using documentation review, system walk-throughs, and stakeholder interviews to assess the design and operating effectiveness of NIST SP 800-53 Rev. 5 security controls
- Apply consistent judgment to determine evidence sufficiency and appropriateness
- Maintain organized evidence repositories using secure collaboration platforms
- Draft standardized assessment narratives and findings
- Contribute to assessment workbooks, reports, and presentations using approved templates and language standards
- Adhere strictly to defined assessment methodologies, scope boundaries, and validation standards
- Ensure assessments are executed consistently across multiple clients to support trend analysis and benchmarking
- Support quality assurance reviews by addressing feedback and ensuring accuracy and clarity of deliverables
- Escalate ambiguities, inconsistencies, or control interpretation questions to senior team members
- Participate in client interviews and working sessions in a professional, structured manner
- Communicate assessment expectations and evidence needs clearly to stakeholders
- Collaborate effectively with Lead Assessors and peers to meet delivery timelines
Requirements
- 3+ years of experience in cybersecurity, IT risk, audit, or compliance
- 1+ year of experience performing IT audits or control assessments
- Familiarity with common cybersecurity frameworks (NIST CSF, NIST 800-53 Rev. 5, ISO 27001, CIS Controls)
- Strong written communication skills with the ability to produce clear, defensible documentation
- Proficiency with Microsoft Word, Excel, and collaboration tools
- Relevant certifications (CISA, CISM, CISSP, or similar) preferred
- Detail-oriented with strong analytical judgment
- Comfortable working in structured, repeatable delivery models
Benefits
- Soteria is a remote workforce with flexibility in scheduling
- Periodic travel to client sites is required based on client needs
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurity, IT risk, audit, compliance, control assessments, NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, ISO 27001, CIS Controls, analytical judgment
Soft Skills
strong written communication, detail-oriented, structured delivery, collaboration, professionalism, clarity in communication, addressing feedback, organizational skills, interpersonal skills, judgment
Certifications
CISA, CISM, CISSP