Cloud Governance & Compliance Advisor

About UltraViolet Cyber

Make a difference here. UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.

By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.

What You’ll Do:

• Review and evaluate cybersecurity governance frameworks, policies, standards, and procedures
• Assess compliance with regulatory and industry standards such as:
• GDPR, HIPAA, SOC 2
• NIST Cybersecurity Framework (CSF)
• NIST SP 800-53
• ISO/IEC 27001
• Cloud Security Alliance (CSA) Cloud Controls Matrix
• Apply maturity models (e.g., NIST CSF, CMMI) to establish a current-state baseline
• Conduct interviews with compliance stakeholders and business leaders
• Perform detailed document reviews (policies, procedures, audit reports)
• Evaluate AWS governance processes and controls in regulated environments
• Identify gaps in governance, risk management, and compliance capabilities
• Develop actionable recommendations to improve governance structure and compliance posture

What You’ve Done:

• 8+ years of experience in cybersecurity governance, risk, and compliance assessments
• Expertise in regulatory frameworks and audit/assessment processes
• Deep expertise in NIST, ISO, CSA CCM, and federal compliance frameworks

Core Certifications:

• CISSP – broad coverage across governance, risk, and controls
• CISM (Certified Information Security Manager) – governance and program oversight focus
• CRISC (Certified in Risk and Information Systems Control) – risk management emphasis

Compliance-Specific:

• CISA (Certified Information Systems Auditor)
• ISO/IEC 27001 Lead Implementer or Lead Auditor
• CCSK (Certificate of Cloud Security Knowledge)

Clearance Requirement:

• Active TS/SCI with SCI Polygraph (or eligible)

Compensation

$110,000 - $160,000 a year

Benefits

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
• Group Term Life, Short-Term Disability, Long-Term Disability
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
• Participation in the Discretionary Time Off (DTO) Program
• 11 Paid Holidays Annually

About the Application Process

We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.

Commitment to Diversity & Inclusion

UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.

If you want to make an impact, UltraViolet Cyber is the place for you!

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.