
IT & Compliance Manager
LINK
full-time
Location Type: Remote
Location: United States
Salary
💰 $105,000 - $130,000 per year
About the role
- Serve as the primary owner and internal lead for LINK’s CMMC Level 2 certification and third-party assessment (C3PAO) process
- Develop, maintain, and enforce the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and all CMMC documentation
- Ensure continuous compliance with NIST SP 800-171 controls and CMMC Level 2 practices across all in-scope systems and processes
- Monitor evolving federal cybersecurity mandates including DFARS clauses, FAR, and CUI handling requirements
- Lead annual self-assessments and support recurring third-party assessments to maintain certification standing
- Manage and control Controlled Unclassified Information (CUI) policies, procedures, and employee training
- Manage LINK’s MSP relationship for help desk support, laptop provisioning, and device lifecycle management
- Define clear SLAs, performance expectations, and accountability structures for the MSP
- Ensure MSP operations are aligned with CMMC requirements and LINK’s security policies
- Evaluate MSP performance regularly and make recommendations regarding vendor continuation, renegotiation, or transition
- Act as the internal escalation point for all MSP-related issues and serve as the primary liaison for the vendor relationship
- Assess and document current-state IT operations, identifying informal or undocumented processes that require standardization
- Develop a process maturity roadmap that prioritizes compliance-critical workflows and scales with organizational growth
- Design, document, and maintain SOPs for core IT functions including device provisioning, change control, and service request management
- Implement a formal IT change management process including change advisory, approval workflows, and rollback procedures
- Conduct regular process reviews to identify inefficiencies, close gaps, and incorporate lessons learned from audits and incidents
- Implement LINK’s cybersecurity program including threat monitoring, vulnerability management, and endpoint protection
- Develop, test, and maintain the Incident Response Plan (IRP) and Business Continuity/Disaster Recovery (BC/DR) plans
- Manage security awareness training and simulated phishing programs for all staff
- Manage identity and access management, multi-factor authentication (MFA), and least-privilege access controls
- Collaborate with operations, program management, and finance to ensure IT and business systems support contract delivery
- Support business development and capture teams with IT/security sections for proposals, including CMMC compliance attestations
- Provide input to leadership on technology budget planning, forecasting, and vendor spend management
- Implement technology solutions that improve internal business operations, productivity, and scalability
- Support onboarding and off-boarding processes to ensure secure and efficient employee IT lifecycle management
Requirements
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field
- 5-8 years of progressive IT leadership experience, including:
- 2+ years in a government contracting or federal consulting environment
- Demonstrated hands-on experience with CMMC, NIST SP 800-171, or equivalent federal cybersecurity frameworks
- Experience managing or overseeing a managed service provider relationship
- Hands-on experience with Google Workspace administration and enterprise security configuration
- Demonstrated experience managing macOS endpoints including Apple Business Manager and MDM platforms
- Proven ability to develop, document, and implement information security policies, SSPs, and POA&Ms
- Demonstrated ability to communicate complex technical and compliance concepts to non-technical leadership
Benefits
- $100 monthly internet/cell phone stipend
- LINK sponsored healthcare benefits including medical, dental, vision
- Company-paid Short Term Disability Insurance
- 401K with employer contribution of up to 4%
- 11 Federal Holidays per year
- 15 days of Paid Time Off (PTO) per year
- Paid Holiday Time Off (Christmas Eve through the New Year)
- Annual bonus plan participation
- Annual profit sharing participation
- $2,000 Learning and Development program reimbursement
- Technology package that includes a LINK-owned MacBook Pro, monitor, mouse and keyboard
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
CMMC, NIST SP 800-171, System Security Plan (SSP), Plan of Action & Milestones (POA&M), Incident Response Plan (IRP), Business Continuity/Disaster Recovery (BC/DR), identity and access management, multi-factor authentication (MFA), Google Workspace administration, macOS endpoint management
Soft Skills
leadership, communication, collaboration, problem-solving, process improvement, vendor management, training, documentation, accountability, strategic planning
Certifications
CMMC Level 2 certification, Bachelor’s degree in Information Technology, Bachelor’s degree in Cybersecurity, Bachelor’s degree in Computer Science