Cybersecurity Administrator II - CUI

About The Position

Requirements

• Minimum of 5-7 years of experience in cybersecurity, with a heavy focus on risk management and federal data protection. An equivalent combination of a Master’s degree with 1-3 years of experience, or a Bachelor’s degree with 3-5 years of experience is acceptable.
• Extensive experience working with government contracts and a deep understanding of federal cybersecurity regulations, particularly NIST SP 800-171 and CMMC.
• Advanced proficiency in security technologies (SIEM, firewalls, IDS/IPS).
• Ability to obtain and maintain government security clearance is strongly preferred.
• Strong leadership, mentorship, and communication skills to bridge the gap between technical requirements and management goals.

Nice To Haves

• Advanced certifications such as CISSP, CISM, or CISA are preferred; specialized risk certifications like CRISC or CEH are a significant plus.

Responsibilities

• Risk Mitigation & CUI Oversight Identify and Prioritize Risks: Conduct high-level risk assessments and threat modeling specifically focused on the protection of CUI and Federal Contract Information (FCI).
• Develop Mitigation Strategies: Oversee the implementation and advancement of comprehensive risk mitigation strategies to ensure data integrity and confidentiality at the CUI level.
• Data Flow Analysis: Work with stakeholders and external vendors to ensure risk management and CUI handling protocols are embedded in all applicable organizational processes and systems.
• Technical Controls: Establish and enforce advanced security policies and protocols across the organization to meet stringent federal data protection standards.
• Security & Compliance Management Infrastructure Optimization: Manage and optimize security infrastructure, including firewalls, IDS/IPS, and SIEM systems, ensuring they are tuned to detect threats against sensitive data environments.
• Federal Compliance Leadership: Lead the technical implementation of compliance programs to adhere to CMMC, NIST (800-171/800-53), FISMA, and FedRAMP.
• Documentation & Auditing: Develop and maintain critical documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&M) specifically for CUI-governed systems.
• Audit Readiness: Oversee regular compliance audits and assessments, ensuring all findings related to CUI protection are addressed promptly.
• Incident Response & Mentorship Directed Response: Lead the development of incident response plans and manage efforts for cybersecurity incidents, ensuring effective containment and recovery of impacted CUI assets.
• Post-Incident Analysis: Conduct detailed post-incident analysis to extract lessons learned and improve future risk mitigation strategies.
• Training and Awareness: Develop and lead cybersecurity training programs for employees and junior staff, focusing on proper CUI handling and compliance requirements.