Sr. Staff Technology Controls Architecture & Assurance Lead

1 day, 9 hours ago
Full-time
Lead
Cybersecurity
Archer

Archer Technologies provides enterprise governance, risk, and compliance solutions through the Archer SmartSuite framework. Additionally, Archer is designing and developing electric vertical takeoff and landing aircraft for urban air mobility networks....

Construction & Engineering
251-1K
Founded 2018

Description

  • Lead development and lifecycle governance of the information security policy library, standards, and control frameworks.
  • Own the enterprise issue management process, including severity thresholds, SLAs, escalations, risk acceptance, exceptions, and POA&M tracking.
  • Design and run the internal control self-assessment program across engineering, IT, finance, and legal.
  • Serve as the primary liaison for internal audit, external auditors, CMMC assessors, and government compliance reviewers.
  • Own the SOX IT General Controls program, including scoping, control design support, auditor coordination, and year-round readiness.
  • Build and maintain key risk indicators and quantitative risk models to prioritize remediation and communicate risk trends.
  • Support defense program compliance obligations related to DFARS, ITAR, CMMC Level 2, CUI handling, and DoD cybersecurity requirements.
  • Partner with engineering, avionics, and certification teams to align information security controls with FAA aircraft certification requirements.
  • Produce executive-ready risk briefings, dashboards, and audit evidence packages for leadership and board audiences.
  • Translate complex technical and regulatory findings into clear actions for stakeholders across the business.

Requirements

  • 8+ years in information security, including at least 4 years in a GRC, compliance, or IS audit-focused role.
  • Deep hands-on knowledge of NIST SP 800-171 / CMMC Level 2, NIST SP 800-161, DFARS 252.204-7012, and ITAR.
  • Experience managing SOX ITGC programs in a public or pre-IPO company environment.
  • Proven experience designing and executing control self-assessments and managing issues through closure.
  • Experience serving as the primary point of contact for external audits or government compliance assessments.
  • Ability to build quantitative risk models and KRIs using data analytics or AI tooling.
  • Exceptional written and verbal communication skills with the ability to create board-ready briefings and executive communications.
  • U.S. citizenship and eligibility to obtain a DoD Secret security clearance.
  • Hands-on experience with ServiceNow GRC/IRM, AuditBoard, Jira/Confluence, Power BI/Tableau, Workiva, Splunk/SIEM, Python/SQL, and related GRC or analytics tools (expected or highly valued).
  • Preferred: active DoD Secret or Top Secret/SCI clearance, certifications such as CISSP, CISM, CRISC, CISA, or CMMC RP/CCP, and aerospace/aviation/defense experience.

Benefits

  • Target base salary of $207,400 to $259,200.
  • Equal Opportunity employer committed to diversity and inclusivity.
  • Reasonable accommodations provided for applicants with disabilities or sincerely held religious beliefs.
  • Pay-for-performance culture with compensation based on job-related knowledge, skills, and experience.
  • Opportunity to work on high-impact defense and aircraft certification programs at Archer.
  • No work visa sponsorship available for this position at the present time.
