Cyber Security Specialist (CMMC Compliance)

Canopy A&D
1d$130,000 - $150,000Remote

About The Position

We are seeking a proactive and knowledgeable Cyber Security Specialist to lead our information security efforts, specifically focusing on achieving and maintaining CMMC 2.0 compliance (Level 1 and/or Level 2). This position acts as the bridge between technical IT security, manufacturing operations (OT), and contractual defense obligations. The ideal candidate understands the unique security challenges of the Aerospace & Defense industry, including the protection of Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • 3–5+ years of experience in IT or Cybersecurity, including direct experience supporting CMMC, NIST SP 800-171, or DFARS compliance within the Defense Industrial Base.
  • Demonstrated hands-on experience implementing and assessing NIST SP 800-171 security controls.
  • Strong understanding of DFARS 252.204-7012 requirements and CMMC 2.0 framework.
  • Experience with Windows and/or Linux systems, Active Directory, identity and access management, firewalls, VPNs, endpoint protection platforms, and vulnerability management tools.
  • Familiarity with hybrid IT/OT environments and protecting intellectual property within CAD/CAM or manufacturing systems.
  • Ability to translate regulatory requirements into scalable technical and operational solutions.
  • Strong documentation, communication, and cross-functional leadership skills.
  • Must be a U.S. Person (U.S. Citizen or Permanent Resident) due to ITAR/EAR regulations.

Nice To Haves

  • Experience with Microsoft GCC High (or Azure GovCloud).
  • Experience with managed service providers (MSPs) in a manufacturing environment.
  • Background in NIST 800-172 or Advanced Persistent Threat (APT) protection.
  • CMMC Certified Professional (CCP or CCA), CISSP, CISM, Security+, or equivalent certification.

Responsibilities

  • Lead the implementation, assessment, and continuous improvement of security controls aligned with NIST SP 800-171 and CMMC 2.0, ensuring organizational readiness for Level 2 certification.
  • Own and maintain the System Security Plan (SSP), Plans of Action and Milestones (POA&M), security policies, procedures, and compliance documentation.
  • Map and protect Controlled Unclassified Information (CUI) throughout its lifecycle, including data flows across engineering design (CAD/CAM), procurement, quality, manufacturing, and external suppliers.
  • Serve as the primary liaison for CMMC assessments, including coordination with C3PAOs, audit preparation, artifact management, and remediation tracking.
  • Implement and monitor security controls across both IT and OT environments, including identity and access management, multi-factor authentication, encryption, endpoint detection and response (EDR), SIEM, firewalls, and network segmentation.
  • Conduct vulnerability scanning, risk assessments, and gap analyses against NIST SP 800-171 controls, prioritizing mitigation efforts based on operational and contractual risk.
  • Lead cyber incident response activities, including documentation and reporting of incidents impacting CUI within required DFARS timelines (e.g., 72-hour reporting).
  • Partner cross-functionally with engineering, operations, quality, and leadership to embed cybersecurity into product development and manufacturing processes.
  • Oversee relationships with managed service providers (MSPs), cloud providers, and external security vendors to ensure secure configurations and regulatory compliance.
  • Develop and deliver practical cybersecurity training tailored to aerospace manufacturing personnel, including phishing awareness, secure technical data handling, and CUI best practices.
  • Establish compliance dashboards and executive reporting mechanisms to provide visibility into security posture and remediation progress.
  • Support and secure cloud environments, including Microsoft GCC High or Azure Government, where applicable.

Benefits

  • Company paid employee medical, dental and vision insurance.
  • Retirement plan participation (eligibility required)
  • paid sick leave
  • paid vacation
  • paid holidays
  • discretionary bonuses
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service