Senior Cybersecurity Compliance Consultant (NIST 800-53)

Remote: Hybrid
Contract:
Work from: Richmond (US)

Offer summary

Qualifications:

  • 5–8 years of IT or cybersecurity experience with a focus on NIST frameworks, especially 800-53.
  • Proven ability to develop System Security Plans (SSPs) and related documentation.
  • Experience using ServiceNow GRC or similar compliance management platforms.
  • Strong communication skills and experience managing client relationships and team deliverables.

Key responsibilities:

  • Lead the development and maintenance of security documentation such as SSPs and SARs.
  • Implement and map controls aligned with NIST 800-53 Revision 5.
  • Manage compliance workflows and system artifacts using ServiceNow GRC.
  • Liaise with stakeholders, lead a junior analyst, and present project status reports.

Dragonfli Group TPE https://www.dragonfligroup.com/
11 - 50 Employees

Job description

Description

About Dragonfli Group

The Dragonfli Group is a small business headquartered in Washington, DC, providing cybersecurity and IT consulting services to U.S. government agencies and large commercial enterprises. Our team supports programs ranging from short-term engagements to multi-year initiatives. We are known for our professionalism, agility, and mission-driven focus.


Position Overview


We are seeking a Senior NIST Consultant to support a cybersecurity program in Richmond, VA. This is a hybrid role with 2-3 days/week onsite, requiring regular presence at the client location. The consultant will lead system security documentation, perform NIST 800-53 control implementation, and manage compliance efforts using ServiceNow GRC. The ideal candidate is technically adept, detail-oriented, and confident interfacing with both technical teams and client stakeholders.


Key Responsibilities



  • Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), and associated A&A documentation.
  • Map and implement controls aligned with NIST 800-53 Revision 5.
  • Utilize ServiceNow GRC to manage compliance workflows and system artifacts.
  • Liaise with stakeholders to gather system data, define security postures, and address assessment requirements.
  • Ensure timely delivery of documentation and security milestones.
  • Lead and mentor a junior analyst and provide quality oversight of their work.
  • Create and present project status reports to internal and external audiences.
  • Identify process improvements in security governance and compliance.

Requirements

Required Qualifications

  • 5–8 years of total IT or cybersecurity experience
  • 5–8 years of hands-on experience with NIST frameworks, especially 800-53
  • Demonstrated expertise in developing SSPs and related documentation
  • Proficient in using ServiceNow GRC or similar platforms
  • Strong verbal and written communication skills
  • Experience managing client relationships and team deliverables in a deadline-driven environment

Certifications (Preferred | Nice-to-have)

  • CISSP (Certified Information Systems Security Professional) or
  • CISA (Certified Information Systems Auditor)

Additional Requirements

  • Must be onsite at the client location in Richmond, VA
  • Must reside within a commutable distance to Richmond, VA
  • Must be legally authorized to work in the United States

Benefits

Insurance (Health, Dental, Vision)

PTO and Federal Holidays

401(k) Retirement Plan


Required profile

Experience

Spoken language(s):
English

Other Skills

  • Detail Oriented
  • Team Leadership
  • Communication
