1

Cis Benchmark Jobs (NOW HIRING)

Contribute to the firm's broader CIS Benchmark compliance posture, maintaining mappings to CIS Controls v8 and NIST CSF 2.0 for audit and regulatory defensibility. What's required * 6+ years of ...

Contribute to the firm's broader CIS Benchmark compliance posture, maintaining mappings to CIS Controls v8 and NIST CSF 2.0 for audit and regulatory defensibility. What's required * 6+ years of ...

Mid-Level ISSO

Suitland, MD · On-site

$110K - $120K/yr

... CIS) Benchmark, and Security Content Automation Protocol (SCAP), and Retina. • Experience with ISSO responsibilities per SECNAV M-5239.2 • Knowledge and experience of cybersecurity, A&A and RMF ...

... CIS benchmark validation activities and remediation efforts. • Support internal and external audits including FedRAMP, PCI DSS, SOC 2, ISO 27001, and customer assessments. • Ensure recurring ...

... CIS benchmark validation activities and remediation efforts. • Support internal and external audits including FedRAMP, PCI DSS, SOC 2, ISO 27001, and customer assessments. • Ensure recurring ...

Worked with Vulnerability tools but doing compliance with DISA STIGS or CIS Benchmark (Some examples of vulnerability tools are Eeye Retina, Tenable.SC, Tenable.io, Rapid 7, ACAS) * Scripting ...

next page

Showing results 1-20

Cis Benchmark information

See salary details

$13

$28

$53

How much do cis benchmark jobs pay per hour?

As of Jul 8, 2026, the average hourly pay for cis benchmark in the United States is $28.86, according to ZipRecruiter salary data. Most workers in this role earn between $24.04 and $33.41 per hour, depending on experience, location, and employer.

What are CIS Benchmarks?

CIS Benchmarks are a set of best practices and guidelines developed by the Center for Internet Security (CIS) to help organizations secure their IT systems and data. These benchmarks provide detailed configuration recommendations for a wide range of technologies, including operating systems, cloud platforms, and applications. By following CIS Benchmarks, organizations can reduce vulnerabilities, meet compliance requirements, and strengthen their overall security posture.

What are the key skills and qualifications needed to thrive as a CIS Benchmark Security Analyst, and why are they important?

To thrive as a CIS Benchmark Security Analyst, you need a strong understanding of information security principles, system hardening, and compliance frameworks, often supported by a degree in cybersecurity or related fields. Familiarity with CIS Benchmarks, security configuration assessment tools (such as CIS-CAT or Nessus), and relevant certifications like CISSP or CompTIA Security+ is typically required. Attention to detail, analytical thinking, and effective communication are crucial soft skills for interpreting results and collaborating with IT teams. These capabilities are vital to ensure organizational systems are properly secured, compliant, and resilient against cyber threats.

What is the difference between Cis Benchmark vs Security Analyst?

AspectCis BenchmarkSecurity Analyst
CredentialsNone specific, but familiarity with security standardsCertifications like CompTIA Security+, CISSP often preferred
Work EnvironmentSecurity configuration and compliance settingsMonitoring, analyzing security threats, incident response
Industry UsageUsed by organizations to establish security benchmarksEmployed in cybersecurity teams to protect systems

The Cis Benchmark focuses on creating security configuration standards, while a Security Analyst actively monitors and responds to security threats. Both roles are essential in cybersecurity, with the Cis Benchmark providing guidelines and the Security Analyst implementing and managing security measures.

What are some common challenges faced by professionals responsible for implementing CIS Benchmarks in an organization?

Professionals tasked with implementing CIS Benchmarks often face challenges such as balancing security with operational needs, ensuring consistent configuration across diverse systems, and managing resistance to change from stakeholders. Additionally, staying up to date with evolving benchmarks and remediating legacy systems to meet strict security controls can be complex. Collaboration with IT, security, and compliance teams is crucial to address these challenges effectively and maintain ongoing compliance.
Infographic showing various Cis Benchmark job openings in the United States as of July 2026, with employment types broken down into 83% Full Time, and 17% Contract. Highlights an 66% In-person, 17% Hybrid, and 17% Remote job distribution, with an average salary of $60,039 per year, or $28.9 per hour.
Mid-Level ISSO

$110K - $120K/yr

Full-time

Medical, Retirement

Re-posted 2 days ago


Job description

Description:

Information Systems Solutions (ISS) is looking for a Mid-Level ISSO supporting the Office of Naval Intelligence. This role is responsible for ensuring the security and compliance of information systems in accordance with Department of Defense and federal cybersecurity requirements. This role is responsible for ensuring the security and compliance of information systems in accordance with Department of Defense and federal cybersecurity requirements. The ideal candidate will support the implementation of the NIST Risk Management Framework, maintain system security documentation, and assist in continuous monitoring activities to ensure systems remain in a secure and authorized state.


This role is 100% onsite.


Specific duties include, but are not limited to the following:
System Security Management

· Maintain and update system security documentation (SSP, POA&M, SAR)

· Ensure systems comply with frameworks like NIST RMF

· Track vulnerabilities and remediation status

Assessment & Compliance Support

· Support security assessments (internal/external audits)

· Work with assessors during ATO processes

· Ensure controls from NIST SP 800-53 are implemented

Continuous Monitoring

· Review scan results (e.g., ACAS, SCAP)

· Identify findings and coordinate fixes with system admins

· Maintain ongoing authorization posture

Stakeholder Coordination

· Work with ISSMs, system owners, engineers

· Translate security requirements into actionable tasks

Incident Support
• Assist in incident response and reporting for systems you manage

Why Work For ISS?
At ISS we pride ourselves on providing an employee-focused and family first environment. Being a small business, we take the time to get to know our employees and have a vested interest in helping them achieve their career goals. We work to schedule regular social gatherings within the company to foster camaraderie. ISS values their employees by providing a comprehensive benefits package that includes a fully vested 401(k) matching program, coverage of family medical deductibles, spot bonuses, and educational assistance to further your career.

Requirements:

Clearance Level
TS/SCI clearance


Certifications (IAM Level II)
One of the following:

· CGRC

· CASP

· CISM

· CISSP (or Associate)

· CCISO


Required Skills
• 6+ years of experience in cybersecurity and equivalent field.
• Bachelor’s degree in a technical subject (or equivalent experience).
• Knowledge and experience with of the NAVINTEL ICD 503 Risk Management Framework (RMF) Implementation Policies/Directives and Dept. of Navy (DON) cybersecurity Policies/Directives.
• Knowledge and experience with automated tools such as Assured Compliance Assessment Solution (ACAS), Center for Internet Security (CIS) Benchmark, and Security Content Automation Protocol (SCAP), and Retina.
• Experience with ISSO responsibilities per SECNAV M-5239.2
• Knowledge and experience of cybersecurity, A&A and RMF documentation development and support