×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Sr. Technology Controls Architecture & Assurance Lead

Job in San Jose, Santa Clara County, California, 95199, USA
Listing for: AlleyCorp
Full Time position
Listed on 2026-07-03
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 120000 - 160000 USD Yearly USD 120000.00 160000.00 YEAR
Job Description & How to Apply Below
Position: Sr. Staff Technology Controls Architecture & Assurance Lead

Archer is an aerospace company based in San Jose, California, building an all‑electric vertical take‑off and landing aircraft to advance sustainable air mobility. We design, manufacture, and operate an all‑electric aircraft that can carry four passengers while producing minimal noise.

We believe that diversity makes us smarter, drives better insights, and ultimately lifts us all to success. We are dedicated to cultivating an equitable and inclusive environment that embraces differences and supports all team members.

Role Overview

Archer is seeking a Senior Staff Technology Controls & Assurance Lead to serve as a cornerstone of our GRC function, reporting to the Sr. Director of Governance, Risk & Compliance. In this high‑visibility role, you will own IS policy development, internal controls governance, risk quantification, and engagement with internal and external audit bodies.

Expect a role that requires intellectual rigor, communication precision, and technical depth. You will apply both qualitative judgment and quantitative discipline to build data‑driven KRIs, leverage AI and analytics to surface themes, and translate signals into action.

What You Will Own

IS POLICY & CONTROLS DEVELOPMENT

Lead the development, maintenance, and lifecycle governance of Archer’s Information Security policy library, standards, and control frameworks. Ensure policies align with regulatory obligations such as NIST SP 800‑171, CMMC Level 2, NIST SP 800‑161, DFARS, and ITAR, and translate them into implementable control requirements for engineering and operations teams.

ISSUE MANAGEMENT & RISK MITIGATION GOVERNANCE

Own the enterprise IS Issue Management process from identification through closure—establishing severity thresholds, SLA frameworks, escalation paths, and executive reporting cadences. Govern risk acceptance, exception management, and Plan of Action & Milestones processes, ensuring timely remediation and clear communication of residual risk.

CONTROL SELF‑ASSESSMENTS (CSAS)

Design and execute Archer’s internal Control Self‑Assessment program—developing testing procedures, coordinating with control owners across engineering, IT, finance, and legal, and producing structured findings that drive improvement. Maintain ongoing awareness of control effectiveness between formal audit cycles.

INTERNAL & EXTERNAL AUDIT MANAGEMENT

Serve as the primary IS liaison for internal audit, external financial auditors, and government compliance assessors—including CMMC C3

PAO assessments and DCSA reviews. Manage evidence collection, artifact packaging, auditor communications, and findings remediation tracking.

SOX ITGC COMPLIANCE

Own Archer’s SOX IT General Controls program—coordinating with external auditors, managing ITGC scoping, and ensuring change management, access controls, and IT operations controls meet public‑company financial reporting requirements.

QUANTITATIVE RISK ANALYSIS & KRI DEVELOPMENT

Build and maintain Key Risk Indicators that reflect actual risk exposure trends. Apply probabilistic modeling and loss magnitude estimation to prioritize remediation and communicate risk in financial terms to executive and board audiences. Leverage AI‑assisted analytics to identify themes, concentrations, and anomalies.

REGULATORY COMPLIANCE & DEFENSE PROGRAM OBLIGATIONS

Maintain deep working knowledge of DFARS 252.204‑7012, ITAR Part 120‑130, CMMC Level 2, and evolving DoD cybersecurity requirements. Advise program teams on data handling, access control, and CUI safeguarding obligations and ensure audit‑readiness for government assessments.

FAA INFORMATION SECURITY & AIRCRAFT CERTIFICATION SUPPORT

Partner with engineering, avionics, and certification teams to align IS controls with FAA Aircraft Systems Information Security/Protection (ASISP) requirements throughout the type certification lifecycle. Assess impact of unauthorized electronic interactions on aircraft safety and maintain awareness of evolving FAA rule making.

EXECUTIVE COMMUNICATION & STAKEHOLDER ENGAGEMENT

Produce executive‑quality risk briefings, board‑level dashboards, and audit‑ready evidence packages. Communicate complex technical risk findings clearly to non‑technical…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary