Saronic Technologies
Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms.
In this role, you’ll support Saronic’s governance, risk, and compliance activities by assisting with Security Impact Analyses (SIAs), maintaining compliance evidence, and helping evaluate software and services for cybersecurity accreditations. You’ll work alongside other cybersecurity and IT team members to ensure changes and new tools align with NIST 800-171, CMMC, FedRAMP, and related standards.
Key Responsibilities
Assist in maintaining and updating control-framework mappings (e.g., NIST SP 800-171, CMMC, ISO 27001) to ensure alignment and traceability.
Gather documentation and perform initial reviews for Security Impact Analyses (SIAs) of software and hardware changes across the enterprise, identifying potential control gaps and coordinating with control owners.
Aid in evidence collection and tracking for compliance assessments against applicable frameworks and regulations, organizing artifacts in the GRC platform.
Identify and log new risks and control deficiencies in the risk register and POA&M, update remediation statuses, and generate summary reports for the GRC team.
Support platform and software accreditation efforts by collecting security questionnaires, reviewing vendor certificates, and summarizing findings.
Review and track cybersecurity training completion to ensure all users meet company training requirements.
Assist in managing and updating cybersecurity policies, circulate drafts for stakeholder feedback, and ensure approved policies are published and communicated.
Required Qualifications
Bachelor’s degree in IT, Cybersecurity, or a related field
3+ years in a GRC or cybersecurity support role
Knowledge of cybersecurity frameworks such as NIST SP 800-171/800-53, NIST CSF 2.0, ISO 27001/27002, etc.
Familiarity with endpoint management platforms (Microsoft Intune, Jamf) and core technical security controls
Strong attention to detail and organizational skills
Excellent written and verbal communication skills
This role requires U.S. Citizenship due to NOFORN data workflows
Preferred Qualifications
Hands‑on experience with FedRAMP, CMMC, and the NIST Risk Management Framework (RMF)
Industry‑recognized certifications (CISSP, CCSP, CISM, etc.)
Experience with ServiceNow IRM or similar GRC platforms
Knowledge of international regulations and standards (GDPR, Cyber Essentials, etc.)
Experience with vulnerability scanners (Microsoft Defender VM, Tenable Nessus, etc.) and SIEM tools (Azure Sentinel, Splunk, etc.)
Proven track record drafting and maintaining security policies and procedures
Previous work with DoD or other federal agencies
Benefits
Medical Insurance:
Comprehensive health insurance plans covering a range of services. Saronic pays 100% of the premium for employees and 80% for dependents.
Dental and Vision Insurance:
Coverage for routine dental check‑ups, orthodontics, and vision care. Saronic pays 99% of the premium for employees and 80% for dependents.
Time Off:
Generous PTO and Holidays.
Parental Leave:
Paid maternity and paternity leave to support new parents.
Competitive Salary:
Industry‑standard salaries with opportunities for performance‑based bonuses.
Retirement Plan:
401(k) plan.
Stock Options:
Equity options to give employees a stake in the company’s success.
Life and Disability Insurance:
Basic life insurance and short‑ and long‑term disability coverage.
Additional Perks:
Free lunch benefit and unlimited free drinks and snacks in the office.
This role requires access to export‑controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3).
Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.