SME - Cyber Security - Security Control Assessor

Galaxia Technologies•Los Angeles, CO

12h•$200,000 - $310,000

About The Position

Galaxia Technologies Inc. is seeking a Subject Matter Expert (SME) - Cyber Security to rapidly advance the assessment and implementation of mission-critical systems. As a Cyber Security SME, you will provide expert guidance to enhance the organization's security posture, mitigate risks, and ensure compliance with industry standards. You will collaborate with cross-functional teams and leadership to assess and conduct gap analysis of innovative, scalable, and resilient security solutions.

Requirements

Bachelor’s degree in Cybersecurity, Computer Science, or a related field, and 15+ years of experience in cybersecurity architecture; or Master’s degree and 13+ years of experience.
15+ years of progressive experience as a cybersecurity engineer securing and assessing large scale/complex enterprise software efforts
5+ years of commercial industry experience with a proven track record of successfully securing and assessing complex enterprise software projects
Advanced knowledge of threat analysis, vulnerability management, and incident response best practices.
Knowledge reviewing the outputs from security tools, including SIEMs, firewalls, IDS/IPS, and endpoint protection solutions.
Expert knowledge of security frameworks, compliance standards, and regulations (e.g., NIST, ISO 27001, GDPR, DoD RMF).
Detailed understanding of and experience with identity and access management (IAM), encryption technologies, network/cloud security, and secure software development best practices.
Proficiency in conducting threat modeling and risk analysis to identify and mitigate vulnerabilities.
Expert problem-solving and analytical skills in addressing complex, large-scale security challenges.
Excellent communication skills for engaging with leadership, stakeholders, development teams, and industry or academic communities.
Ability to obtain and maintain a TS/SCI clearance and willingness to take a CI polygraph.

Nice To Haves

Certifications such as CISSP, CISM, CEH, GIAC, or CCSP.
Experience securing government or defense-related systems and environments.
Expertise in advanced threat detection, threat hunting, and forensic analysis.
Knowledge of DevSecOps practices and integrating security into CI/CD pipelines.
Familiarity with zero-trust architectures and AI-driven security technologies.
Experience working in highly classified environments supporting the IC/DoD for operational missions

Responsibilities

Conduct independent, in-depth evaluations of system security controls to ensure compliance and a strong cybersecurity hygiene.
Serve as a technical expert on cybersecurity matters, providing guidance on risk management, threat mitigation, and compliance strategies.
Oversee vulnerability assessments, penetration testing, and threat modeling to identify gaps/risks and recommend corrective actions.
Evaluate and provide recommendations on security policies, frameworks, and standards aligned with NIST, ISO 27001, GDPR, and DoD RMF requirements.
Collaborate with engineering, operations, and leadership teams to integrate security best practices into system and software development lifecycles (SDLC).
Stay updated on emerging cybersecurity threats, technologies, and regulations to maintain a cutting-edge security strategy.
Mentor and train team members on cybersecurity practices and tools.
Present security assessment reports, recommendations, and metrics to senior leadership and stakeholders.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume