Note: The job is a remote job and is open to candidates in USA. Lynk is building the world’s first global satellite-to-cellular network, enabling direct device-to-device (D2D) connectivity from commercial low Earth orbit (LEO) satellites to standard mobile phones. The Security Analyst / ISSO will own Lynk’s cybersecurity compliance program and be responsible for maintaining the security posture of CUI-scoped systems.
Responsibilities
- Own and maintain the System Security Plan (SSP) and Plan of Action & Milestones (POA&M) for all CUI-scoped systems; always keep documentation audit-ready
- Assess all 110 NIST SP 800-171 practices for implementation and effectiveness; map existing controls (Wazuh, ThreatDown, Tenable, ManageEngine, AD GPOs, SnipeIT) to CMMC requirements, identify gaps, and drive remediation
- Maintain the organizational risk register; support ongoing Risk Management Framework (RMF) processes and report risk posture to the CISO
- Lead preparation for CMMC Level 2 assessments — build evidence packages, coordinate with the C3PAO, and manage assessor requests and findings
- Develop and maintain cybersecurity policies, procedures, and standards aligned to CMMC, DFARS, SOC 2, and GDPR; ensure version control and staff acknowledgment records are maintained
- Define, track, and report security metrics and KPIs to the CISO and non-technical stakeholders including legal, contracts, and business development teams
- Support contract teams with DFARS clause requirements, cybersecurity representations, and customer security questionnaires
- Conduct vendor and third-party risk assessments; maintain supplier risk documentation
- Manage the security awareness training program and phishing simulations; maintain completion records per CMMC requirements
- Monitor SIEM for security events and alerts relevant to CUI systems; write and tune detection rules; triage and escalate incidents; produce post-incident reports with compliance impact assessment. Leverage audit log aggregation to satisfy CMMC AU (Audit & Accountability) control evidence requirements
- Monitor EDR alerts for CUI-scoped endpoints; investigate detections and coordinate response with IT
- Work with IT to ensure vulnerability findings are remediated within CMMC-required timeframes, track and report on remediation status
- Leverage MDM and Active Directory to enforce device compliance, GPO-based security baselines, and access control policies across CUI-scoped endpoints
- Use asset inventory as the authoritative hardware/software asset register for CMMC system boundary documentation; keep it current and audit ready
- Conduct periodic access control audits; enforce least-privilege across AD, SSO, and SaaS tooling handling CUI
Skills
- 3–6 years in cybersecurity with a strong GRC or compliance focus; prior ISSO experience or equivalent accountability preferred
- Deep, working knowledge of NIST SP 800-171 and DFARS 7012. Able to assess, gap-analyze, and evidence all 110 controls independently
- Demonstrated experience authoring SSPs and POA&Ms for government-facing or regulated environments
- Familiarity with the CMMC Level 2 assessment process and C3PAO engagement
- Hands-on SIEM experience: writing detection rules, querying logs, and generating compliance-grade audit evidence
- Hands-on experience with EDR and vulnerability scanning tools in a compliance context. Mapping tool outputs to NIST controls and generating assessor evidence
- Working knowledge of SOC 2 Type II and GDPR compliance requirements
- Some cloud security fundamentals (AWS preferred). IAM, CloudTrail, GuardDuty, access policies
- Clear, structured communicator. Equally comfortable writing formal policy documentation and briefing non-technical executives
- US citizenship or Lawful Permanent Resident status
- CMMC Registered Practitioner (RP) or Professional (CCP)
- CISSP / CISM / Security+
- RMF / ATO experience
- FedRAMP familiarity
- Space / satellite industry background
- Telecom or critical infrastructure security
- Prior C3PAO assessment experience
- GRC platform experience (Vanta, Drata, Archer, ServiceNow)
- Scripting in Python or Bash for evidence collection automation
- Zero-trust architecture
Benefits
- Competitive salary and equity in a company building genuinely novel global infrastructure.
- Remote-first, US-based role.
- Direct line to the CISO; your work defines Lynk’s compliance posture at a critical growth stage.
- A functioning security toolset already in place. Your focus is maturing and aligning it, not standing it up from scratch.
- Learning and certification budget.
Company Overview