AWS Cloud Governance & Compliance Advisor (Top Secret)

UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.

By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. 

The Cloud Governance & Compliance Advisor will lead the assessment of cybersecurity governance frameworks, policies, and compliance programs to determine alignment with regulatory requirements and industry best practices. The Cloud Governance & Compliance

•    Review and evaluate cybersecurity governance frameworks, policies, standards, and procedures
•    Assess compliance with regulatory and industry standards such as: 
o    GDPR, HIPAA, SOC 2
o    NIST Cybersecurity Framework (CSF)
o    NIST SP 800-53
o    ISO/IEC 27001
o    Cloud Security Alliance (CSA) Cloud Controls Matrix
•    Apply maturity models (e.g., NIST CSF, CMMI) to establish a current-state baseline
•    Conduct interviews with compliance stakeholders and business leaders
•    Perform detailed document reviews (policies, procedures, audit reports)
•    Evaluate AWS governance processes and controls in regulated environments
•    Identify gaps in governance, risk management, and compliance capabilities
•    Develop actionable recommendations to improve governance structure and compliance posture

•    8+ years of experience in cybersecurity governance, risk, and compliance assessments
•    Expertise in regulatory frameworks and audit/assessment processes
•    Deep expertise in NIST, ISO, CSA CCM, and federal compliance frameworks
Core Certifications:
•    CISSP – broad coverage across governance, risk, and controls
•    CISM (Certified Information Security Manager) – governance and program oversight focus
•    CRISC (Certified in Risk and Information Systems Control) – risk management emphasis
Compliance-Specific:
•    CISA (Certified Information Systems Auditor) 
•    ISO/IEC 27001 Lead Implementer or Lead Auditor
•    CCSK (Certificate of Cloud Security Knowledge)
Clearance Requirement:
•    Active TS/SCI with SCI Polygraph (or eligible)

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed  
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)  
• Group Term Life, Short-Term Disability, Long-Term Disability  
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness  
• Participation in the Discretionary Time Off (DTO) Program  
• 11 Paid Holidays Annually 

We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.

If you want to make an impact, UltraViolet Cyber is the place for you!