Fabcorp and related entities are seeking a dedicated and compliance-driven IT professional to oversee our information technology infrastructure and ensure full alignment with NIST SP 800-171 and CMMC 2.0 Level 2 security requirements. You will be responsible for implementing technical controls, managing hardware/software stacks, and maintaining the documentation necessary for upcoming self-attestation events or C3PAO certification audits.

KEY RESPONSIBILITIES

Compliance Management: Translate NIST SP 800-171/CMMC requirements into actionable, daily IT operations and document evidence of compliance.
System Security Administration: Manage and secure the IT environment, ensuring restricted access, encryption (at rest and in transit), and proper identification/authentication controls.
Audit Preparation: Lead gap assessments, remediate vulnerabilities, and maintain comprehensive System Security Plans (SSPs) and Plans of Action & Milestones (POA&Ms).
Incident Response: Develop, manage, and test internal incident response plans, logging systems, and continuous monitoring processes.
Vendor & Asset Management: Maintain hardware and software inventories, oversee supply chain risk management, and ensure third-party tools meet compliance flow-downs.

Hardware & Software Focus Areas

To fulfill these mandates, the candidate will be expected to deploy, configure, and manage the following types of hardware and software solutions.

Identity & Access Management (IAM/MFA): Deploy Multi-Factor Authentication (MFA) across all endpoints and VPNs; strictly enforce the Principle of Least Privilege.
Endpoint Protection & MDM: Utilize Mobile Device Management (MDM) software and Endpoint Detection and Response (EDR) to track assets and prevent unauthorized software installations.
Encryption Tools: Implement full-disk encryption on all company laptops and secure data-sharing software for Controlled Unclassified Information (CUI).
SIEM & Log Management: Configure and monitor Security Information and Event Management (SIEM) software for auditing and accountability logs.
Network Infrastructure: Manage Next-Generation Firewalls (NGFW), intrusion detection systems (IDS), and secure network segmentation configurations.
Cloud Environments: Ensure FedRAMP-compliant cloud services (e.g., GCC High environments) are correctly configured for secure CUI storage.
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed