Information Systems Security Administrator (ISSA)
About The Position
The Information Systems Security Administrator (ISSA) is responsible for supporting the security, compliance, and operational integrity of organizational information systems. This role bridges IT operations and cybersecurity, ensuring systems are configured, monitored, and maintained in accordance with regulatory frameworks such as CMMC, NIST 800-171, and organizational security policies. This role is critical to maintaining the organization's cybersecurity posture and regulatory compliance, ensuring protection of Controlled Unclassified Information (CUI) and supporting mission-critical operations. The ISSA will report to the Digital Technology Manager. The position requires a full-time work week spent in the office or hybrid with 3 days onsite. Normal hours are Monday through Thursday 7:00am-4:30pm and Friday 7:00am – 12:00pm. (Must be flexible to work additional hours as needed based on project requirements and deadlines.)
Requirements
- Bachelor's degree in Information Technology, Cybersecurity, or related field (or equivalent experience)
- 3+ years of experience in system administration, cybersecurity, or compliance-focused IT roles
- Working knowledge of cybersecurity frameworks (CMMC, NIST 800-171, NIST 800-53)
- Experience with Microsoft 365 (GCC preferred), Azure AD, and endpoint management tools (Intune)
- Familiarity with vulnerability management, patching processes, and system hardening
- Understanding of access control, authentication (MFA), and identity management
- Strong attention to detail and compliance mindset
- Ability to balance security requirements with operational needs
- Effective communication across technical and non-technical teams
- Proactive problem-solving and continuous improvement approach documentation and organizational skills
- U.S. Citizenship is required. Candidates must be eligible to obtain and maintain a U.S. Government security clearance, if required for the position.
Nice To Haves
- Experience supporting CMMC Level 2 environments or similar regulated environments
- Familiarity with tools such as Microsoft Defender, SIEM platforms, and compliance tools (e.g., IntelliGRC)
- Relevant certifications (Security+, CySA+, CISSP, or similar)
- Experience with audit preparation and evidence collection
Responsibilities
- Support implementation and maintenance of cybersecurity controls aligned with CMMC, NIST 800-171, and other applicable frameworks
- Monitor systems and environments for security events, vulnerabilities, and compliance gaps
- Assist in maintaining system security plans (SSP), policies, procedures, and supporting documentation
- Administer user access controls, account provisioning/deprovisioning, and least privilege enforcement
- Support endpoint and mobile device management (e.g., Microsoft Intune, MAM/MDM policies)
- Assist with incident response activities, including investigation, containment, and reporting
- Conduct routine system audits, vulnerability scans, and remediation tracking
- Ensure secure configuration, patching, and hardening of systems and applications
- Support implementation and monitoring of MFA, encryption, and data protection controls
- Collaborate with IT and business units to ensure secure system integrations and operations
- Assist with third-party/vendor security reviews and compliance requirements
- Support internal and external audits, assessments, and C3PAO readiness efforts
Benefits
- 401(k) with employer match
- Dental Insurance
- Disability Insurance
- Health Insurance
- Vision Insurance
- Paid Parental and Maternity Leave
- Life Insurance
- Paid Time Off – 120 hours per year to start (prorated in first year of employment)
- Continuing Education
- Annual Year End Paid Holiday Closure
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
