Information Technology Security Administrator

Loft FederalArvada, CO
$115,000 - $145,000Onsite

About The Position

As the IT Systems Security Administrator at Loft Federal, you will turn policy into practice by hardening configurations, deploying security tools, managing identity/access, patching vulnerabilities, and generating the technical logs and evidence needed to maintain compliance with CMMC 2.0 (Level 2) and NIST SP 800-171. The ideal candidate will be a highly technical, hands-on IT Systems Security Administrator to implement, maintain, and secure our on-premises and cloud infrastructure. In this role, you will be a technical engine executing our security controls.

Requirements

  • 5+ years of hands-on experience in Systems Administration with a heavy focus on IT security.
  • U.S. Citizenship is required due to federal contracting compliance and data handling requirements.
  • Active DoD Secret clearance is required.
  • The ability to obtain and maintain a Top Secret / Sensitive Compartmented Information (TS/SCI) clearance is required.

Nice To Haves

  • Bachelor’s degree in information technology or a related field.
  • Experience with NIST 800-37, 800-53
  • IAT Level II Certification: Security+ CE, CCNA Security
  • Additional hands-on technical certifications (e.g., Azure Security Engineer Associate, CySA+, or Network+).
  • Demonstrated problem-solving and analytical abilities.
  • Familiarity with current cybersecurity threats and mitigation strategies.
  • Ability to work collaboratively with cross-functional teams.

Responsibilities

  • Configure and harden Windows/Linux endpoints, servers, and networks according to industry standards (e.g., CIS Benchmarks or DISA STIGs) to satisfy NIST/CMMC technical controls.
  • Administer and secure our cloud environments, specifically managing secure configurations in Microsoft 365 GCC High, Google GCP, and or AWS Gov cloud environments.
  • Implement and manage robust Mobile Device Management (MDM) policies using Microsoft Intune or equivalent tools.
  • Implement and enforce strict Identity and Access Management (IAM) controls, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and conditional access policies.
  • Configure and manage corporate network security, including firewalls, secure Wi-Fi, VPNs, and Network Access Control (NAC).
  • Configure, fine-tune, and monitor security tools, including Endpoint Detection & Response (EDR) and SIEM logs.
  • Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan.
  • Assist in investigations of computer security violations and incidents, reporting as necessary to the appropriate parties.
  • Assist with the technical vulnerability management lifecycle: execute regular vulnerability scans, analyze results, prioritize, and deploy patches across all systems.
  • Participate in threat, vulnerability, and risk assessments to implement effective security changes across the business.
  • Collaborate closely with the DevSecOps team to enforce and maintain NIST/CMMC compliance across our software development infrastructure, CI/CD pipelines, and application deployments.

Benefits

  • competitive salary
  • benefits package
  • truly remarkable culture guided by transparency and collaboration
  • work that is challenging and meaningful
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service