Cyber Security Specialist

About The Position

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field
• Equivalent combination of education and directly relevant experience will be considered
• Familiarity with Zero Trust Architecture principles and implementation
• 3–5+ years of hands-on experience in an IT security or systems administration role
• Proven experience administering Microsoft 365 security features in a production environment
• Experience managing on-premises Windows Server environments including Active Directory
• Familiarity with firewall administration
• Demonstrated experience implementing or assessing against NIST SP 800-171 controls
• CompTIA Security+ or equivalent Required

Nice To Haves

• Experience with CMMC compliance, gap assessments, or C3PAO assessments preferred
• Experience with GCC High, Preveil, SecureFrame, Quick Track solutions a plus
• CompTIA CySA+ Preferred
• Certified CCMC Professional (CCP) Preferred
• Certificate CCA a plus

Responsibilities

• Support, update, and maintain the organization’s System Security Plan (SSP), Plan of Action & Milestones (POA&M), and all supporting compliance documentation relating to IT systems in coordination with the Compliance Manager.
• Recommend, architect, and design the necessary compliance frameworks, enclaves, hardware, and software required to meet compliance requirements.
• Conduct and track gap assessments against NIST SP 800-171 controls and CMMC Level 2 practice requirements.
• Lead remediation efforts for identified control gaps, coordinating with IT staff, management, and third-party vendors as needed.
• Prepare the organization for third-party CMMC assessments (C3PAO); serve as the primary IT point of contact during assessment activities.
• Maintain and update the CUI scope definition, data flow diagrams, and assessment boundary documentation based on organizational flow down information in coordination with the Compliance Manager.
• Administer and harden on-premises Active Directory (AD), DNS, DHCP, and file server environments in accordance with security baselines (CIS Benchmarks, DISA STIGs).
• Configure and manage firewalls, VLANs, and network segmentation controls to isolate CUI environments.
• Manage endpoint protection platforms (EPP/EDR) across all on-premises workstations and servers.
• Oversee patch management programs for operating systems, firmware, and third-party applications.
• Implement and monitor multi-factor authentication (MFA) for all user and privileged accounts.
• Control and audit use of removable media and portable storage devices.
• Administer and harden the Microsoft 365 security posture including Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams.
• Configure and manage Antivirus and EDR products.
• Implement and enforce Microsoft Purview Information Protection policies including CUI labeling to prevent data CUI data from entering commercial environments, data loss prevention (DLP), and retention policies.
• Manage Conditional Access policies, Entra ID (Azure AD) security settings, and Privileged Identity Management (PIM).
• Configure and maintain Microsoft Secure Score benchmarks; remediate identified gaps on a defined schedule.
• Administer Microsoft Intune for mobile device management (MDM) and mobile application management (MAM).
• Monitor security event logs, SIEM alerts, and threat intelligence feeds on an ongoing basis.
• Lead investigation and response to security incidents; document findings and corrective actions in accordance with DFARS 252.204-7012 reporting requirements.
• Conduct periodic vulnerability scans and penetration test coordination; track and remediate findings.
• Perform user access reviews on a defined schedule; enforce least privilege and separation of duties.
• Manage and review privileged account activity and administrator access logs.
• Develop, maintain, and enforce IT security policies, standards, and procedures.
• Provide targeted guidance on CUI handling, marking, and protection to program, engineering, and administrative staff related to IT equipment and software systems.
• Support HR in the security aspects of employee onboarding and offboarding processes.