Security Advisor – Control Assessor

Established in 2014 and based in Charleston, South Carolina, Soteria's expertise in the cybersecurity domain is predicated upon the accumulated practical experience across all team members. Soteria's security professionals have held leading positions in private industries, state governments, and federal intelligence communities.

Driven by this combined pool of knowledge as well as the belief that “Security is for Everyone,” Soteria offers advisory services and solutions which are significantly differentiated from the security status quo. Soteria treats each client as a unique case deserving of individualized security insights and specialized hands‑on assistance.

The Security Advisor – Control Assessor is responsible for executing structured cybersecurity control assessments. This role focuses on consistent, evidence‑based validation of a defined set of key security controls across multiple client organizations, supporting statewide or enterprise‑wide assessment initiatives.

This position is ideal for an assessor who thrives in repeatable, methodology‑driven environments, values precision and documentation quality, and understands the importance of comparability, defensibility, and audit rigor. The role emphasizes execution excellence rather than bespoke advisory consulting.

• Execute cybersecurity control assessments against a defined subset of key controls aligned to established frameworks (NIST SP 800-53 Rev.
  5).
• Assess control implementation status using standardized criteria and validation methodologies. (NIST SP 800-53A Rev.
  5).
• Test information systems using documentation review, system walk‑throughs, and stakeholder interviews to assess the design and operating effectiveness of NIST SP 800-53 Rev. 5 security controls.
• Apply consistent judgment to determine evidence sufficiency and appropriateness.
• Maintain organized evidence repositories using secure collaboration platforms.
• Draft standardized assessment narratives and findings.
• Contribute to assessment workbooks, reports, and presentations using approved templates and language standards.
• Adhere strictly to defined assessment methodologies, scope boundaries, and validation standards.
• Ensure assessments are executed consistently across multiple clients to support trend analysis and benchmarking.
• Support quality assurance reviews by addressing feedback and ensuring accuracy and clarity of deliverables.
• Escalate ambiguities, inconsistencies, or control interpretation questions to senior team members.
• Participate in client interviews and working sessions in a professional, structured manner.
• Communicate assessment expectations and evidence needs clearly to stakeholders.
• Collaborate effectively with Lead Assessors and peers to meet delivery timelines.

• GSuite (Gmail, Docs, Sheets, Slides, Calendar)
• Microsoft 365 (Word, Excel, PowerPoint, Teams)
• Zoom
• Asana
• Slack

• 3+ years of experience in cybersecurity, IT risk, audit, or compliance.
• 1+ year of experience performing IT audits or control assessments.
• Familiarity with common cybersecurity frameworks (NIST CSF, NIST 800‑53 Rev. 5, ISO 27001, CIS Controls).
• Strong written communication skills with the ability to produce clear, defensible documentation.
• Proficiency with Microsoft Word, Excel, and collaboration tools.
• Relevant certifications (CISA, CISM, CISSP, or similar) preferred.
• Detail‑oriented with strong analytical judgment.
• Comfortable working in structured, repeatable delivery models.
• Maintains confidentiality and professionalism with sensitive client information.

• Prolonged periods of being at a desk and working on a computer.

• This role is primarily remote; however, periodic travel to client sites is required based on client needs.

• Soteria is a remote workforce with flexibility in scheduling. The majority of work time will be 9:00 AM EST to 5:00 PM EST.