Cyber Risk Assessment Jobs in Colorado (NOW HIRING)

York Space Systems was founded to radically improve spacecraft affordability and reliability, transforming, and enabling next- generation space mission operations worldwide. Today, York is one of the most innovative aerospace companies, specializing in end-to-end customer solutions and the rapid production of spacecraft platforms. York's complete Space Segment Solution includes spacecraft production, payload integration, system integration & test, launch services, ground segment services, and mission operations, enabling customers to leverage York's existing technology solutions to get to orbit rapidly and responsively. We're looking to expand our team across the board.
Position Summary
York Space Systems is seeking a Senior Cyber Risk & Compliance Specialist to support and mature the company's cybersecurity governance, risk, and compliance programs. This individual will serve as a senior member of the Cybersecurity organization and play a critical role in driving CMMC Level 2 certification readiness, enterprise cyber risk management, audit support, third-party risk management, and cybersecurity governance initiatives.
This role requires an experienced cybersecurity professional capable of independently leading projects, collaborating with technical and business stakeholders, and translating regulatory and security requirements into practical, scalable solutions that support York's business objectives and national security mission.
Why Join York?
• Opportunity to support one of the fastest-growing aerospace and defense companies in the industry
• Direct impact on cybersecurity, compliance, and risk management initiatives supporting national security missions
• Exposure to CMMC, NIST SP 800-171, GCC High, enterprise cybersecurity governance, and AI governance programs
• Opportunity to help build and mature a rapidly growing cybersecurity organization
• TS/SCI clearance sponsorship for qualified cybersecurity personnel
Key Responsibilities
• Lead CMMC Level 2 implementation, readiness activities, and assessment preparation
• Own control testing, validation, and compliance monitoring activities
• Manage and mature the Plan of Action & Milestones (POA&M) program
• Conduct enterprise cyber risk assessments and facilitate risk management activities
• Maintain and mature the enterprise cyber risk register
• Perform control gap analyses and develop remediation recommendations
• Lead cybersecurity vendor and third-party risk reviews
• Support SOX IT General Controls (ITGC) compliance activities and audit engagements
• Coordinate internal and external audit responses
• Develop, maintain, and improve cybersecurity policies, standards, baselines, and procedures
• Support enterprise AI governance and cybersecurity governance initiatives
• Partner with IT, Engineering, Security Operations, Legal, HR, and business stakeholders to drive compliance and risk reduction efforts
• Support governance and oversight of cybersecurity technologies and platforms including Microsoft GCC High, identity and access management solutions, endpoint security technologies, and compliance management platforms
• Mentor junior team members and provide guidance on cybersecurity governance and compliance best practices
• Independently manage cybersecurity projects and program initiatives from planning through execution
Required Qualifications
• 7+ years of cybersecurity, risk, compliance, audit, governance, or related experience
• Experience supporting one or more cybersecurity frameworks such as CMMC, NIST SP 800-171, NIST Cybersecurity Framework (CSF), RMF, ISO 27001, FedRAMP, SOC 2, or SOX
• Experience conducting risk assessments and control evaluations
• Experience supporting audits, assessments, or regulatory compliance initiatives
• Strong understanding of cybersecurity risk management principles
• Excellent written and verbal communication skills
• Ability to work effectively across technical and non-technical teams
• Strong project management and organizational skills
• Ability to obtain a US security clearance
• Willingness to work onsite at our Greenwood Village, CO location
• US Citizenship
Preferred Qualifications
Experience in the following areas:
• Supporting defense, aerospace, government contracting, or highly regulated environments
• Supporting Microsoft GCC High environments
• Hyperproof or similar GRC platforms
• Supporting cybersecurity governance initiatives in cloud and hybrid enterprise environments
• Supporting AI governance, data governance, or emerging technology governance programs
Preferred Certifications
• CISSP
• CRISC
• CISA
• CMMC CCP or CCA
• Security+
Benefits
In addition to compensation, York Space Systems is proud to offer a comprehensive benefits package including medical, dental, and vision insurance along with PTO and a 401K.
How To Apply
Interested candidates are encouraged to apply by clicking the "Apply" link at the top of the page. York Space Systems will be accepting applications on a rolling basis until the position is closed. York Space Systems provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, military or protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Must have permanent authorization to work in the United States. This policy applies to all terms and conditions or employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. YORK SPACE SYSTEMS IS AN EEO EMPLOYER.