Sr. Staff Technology Controls Architecture & Assurance Lead

3 weeks, 3 days ago
Full-time
Lead
Cybersecurity
Archer

Archer

Archer Technologies provides enterprise governance, risk, and compliance solutions through the Archer SmartSuite framework. Additionally, Archer is designing and developing electric vertical takeoff and landing aircraft for urban air mobility networks....

Construction & Engineering
251-1K
Founded 2018

Description

  • Lead development and lifecycle governance of the information security policy library, standards, and control frameworks.
  • Own the enterprise issue management process, including severity thresholds, SLAs, escalations, risk acceptance, exceptions, and POA&M tracking.
  • Design and run the internal control self-assessment program across engineering, IT, finance, and legal.
  • Serve as the primary liaison for internal audit, external auditors, CMMC assessors, and government compliance reviewers.
  • Own the SOX IT General Controls program, including scoping, control design support, auditor coordination, and year-round readiness.
  • Build and maintain key risk indicators and quantitative risk models to prioritize remediation and communicate risk trends.
  • Support defense program compliance obligations related to DFARS, ITAR, CMMC Level 2, CUI handling, and DoD cybersecurity requirements.
  • Partner with engineering, avionics, and certification teams to align information security controls with FAA aircraft certification requirements.
  • Produce executive-ready risk briefings, dashboards, and audit evidence packages for leadership and board audiences.
  • Translate complex technical and regulatory findings into clear actions for stakeholders across the business.

Requirements

  • 8+ years in information security, including at least 4 years in a GRC, compliance, or IS audit-focused role.
  • Deep hands-on knowledge of NIST SP 800-171 / CMMC Level 2, NIST SP 800-161, DFARS 252.204-7012, and ITAR.
  • Experience managing SOX ITGC programs in a public or pre-IPO company environment.
  • Proven experience designing and executing control self-assessments and managing issues through closure.
  • Experience serving as the primary point of contact for external audits or government compliance assessments.
  • Ability to build quantitative risk models and KRIs using data analytics or AI tooling.
  • Exceptional written and verbal communication skills with the ability to create board-ready briefings and executive communications.
  • U.S. citizenship and eligibility to obtain a DoD Secret security clearance.
  • Hands-on experience with ServiceNow GRC/IRM, AuditBoard, Jira/Confluence, Power BI/Tableau, Workiva, Splunk/SIEM, Python/SQL, and related GRC or analytics tools (expected or highly valued).
  • Preferred: active DoD Secret or Top Secret/SCI clearance, certifications such as CISSP, CISM, CRISC, CISA, or CMMC RP/CCP, and aerospace/aviation/defense experience.

Benefits

  • Target base salary of $207,400 to $259,200.
  • Equal Opportunity employer committed to diversity and inclusivity.
  • Reasonable accommodations provided for applicants with disabilities or sincerely held religious beliefs.
  • Pay-for-performance culture with compensation based on job-related knowledge, skills, and experience.
  • Opportunity to work on high-impact defense and aircraft certification programs at Archer.
  • No work visa sponsorship available for this position at present time.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Manager, Compliance Advisory

Coalfire 251-1K Internet Software & Services

Coalfire is hiring a Manager, Public Sector Advisory to lead client-facing cybersecurity compliance engagements for public sector customers while managing a small consulting team and overseeing delivery quality.

AWS Azure Cybersecurity GCP Network Security
8 hours, 51 minutes ago

Senior Technical Consultant — Physical & Logical Access Control (ServiceNow Platform)

SwiftConnect 51-200 Software Development

An experienced technical consultant is needed to advise product and engineering teams building an enterprise workplace security capability on the ServiceNow platform, unifying physical access control with identity, HR, and IT workflows.

REST API SOAP
8 hours, 51 minutes ago

Regional Security Manager

Stand Together 251-1K Diversified Consumer Services

Stand Together is hiring a Regional Security Manager to support its philanthropic community by assessing and reducing security risk across facilities, events, and operations in an assigned region.

9 hours, 6 minutes ago

Field Strategist

Convergent Research 11-50 Professional Services

Atlas Computing is hiring a Field Strategist to scope and launch new AI resilience interventions, working with experts, funders, and future owners to turn complex societal risks into actionable efforts.

Cybersecurity Machine Learning Prototyping
9 hours, 6 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers