Lead the Company’s IT strategy, roadmap, governance, and annual budget in alignment with business objectives and defense contracting requirements.
Establish, maintain, and enforce IT policies, standards, and operating procedures, including security and compliance-related procedures.
Manage IT vendors, MSP/MSSP relationships, SaaS providers, and contractors; negotiate contracts and ensure service-level performance.
Maintain IT asset management and lifecycle controls (procurement, inventory, deployment, licensing, and secure disposition).
Own administration, configuration, and secure operation of Microsoft 365, including Entra ID (Azure AD), Exchange Online, SharePoint/OneDrive, Teams, Intune, and related security/compliance capabilities.
Implement and maintain M365 security baselines and access controls, including MFA, Conditional Access, role-based access control, least privilege, privileged access practices, and periodic access reviews.
Oversee user onboarding/offboarding, account provisioning, and access governance across corporate and program environments, including secure handling requirements where applicable.
Ensure reliable IT operations for HQ and remote users, including endpoint provisioning, patching, vulnerability remediation, standard device baselines, and escalation support.
Oversee and support corporate network and on-premises IT systems as applicable (e.g., firewalls, VPN, switching, Wi‑Fi, backups, identity integration, and related infrastructure).
Perform the role primarily remotely; travel as required to HQ, program sites, or customer locations to support on-premises requirements, deployments, outages, upgrades, audits, and mission-critical needs.
Lead the Company’s cybersecurity program, including risk management, security architecture, monitoring/alerting (directly and/or via MSSP), and incident response planning and execution.
Maintain vulnerability management, secure configuration, logging/auditing, change management, and endpoint/email security controls appropriate for a defense contracting environment.
Serve as the Company’s primary owner for CMMC Level 2 readiness and ongoing compliance for environments handling CUI.
Coordinate internal assessments, gap analyses, remediation plans, and preparation for C3PAO assessments as required.
Establish and execute continuous compliance processes, including evidence collection cadence, periodic control validation, and audit readiness.
Provide routine reporting to executive leadership on IT operations, cybersecurity posture, CMMC Level 2 status, risks, incidents, remediation progress, and resource needs.
Respond to customer security questionnaires, contractual cybersecurity flow-down requirements, supplier/partner security assessments, and due diligence requests.
Oversee administration and maintenance of the Company website and related services, including hosting/vendor management, DNS/domain administration, SSL/TLS certificates, uptime monitoring, backups, access control, and security hardening.
Maintain public-facing technical configurations as applicable, including SPF/DKIM/DMARC and domain/email reputation controls.
Provide IT and security enablement for strategic partners, including secure collaboration configurations, access governance, integrations support, and alignment to Company security/compliance requirements.
Serve as an IT point-of-contact for strategic partner onboarding/offboarding and operational coordination related to tools, access, and security requirements.
Periodically support program initiation and ongoing operations by providing interim IT support and coordination required by awarded PWS, including standing up accounts, devices, secure collaboration environments, and operational processes until program-specific IT resources are in place.
Coordinate with Program Management to ensure IT deliverables, timelines, documentation, and security requirements are met for program execution and transition.
Establish and maintain business continuity, backup, and disaster recovery plans for critical systems; conduct periodic testing and document results.
Lead or coordinate incident response activities, including triage, containment, eradication, recovery, root-cause analysis, and post-incident reporting.

Requirements

Bachelor’s Degree in Computer Science, Engineering, Math or related field or equivalent experience required.
Minimum of 8 years of hands-on, LAN/WAN operational networking experience.
Must be able to communicate effectively, have strong interpersonal skills, and good judgment with the ability to work alone or as part of a team.
Preferred (not required): (1) CompTIA SEC+ certification (2) Ability to build and deploy computer image, (3) Veteran or Spouse of Veteran, (4) Familiar with developing IT centric project plans, (5) DOD Contractor Experience (6) Foundational AWS Certification, AWS Certification Cloud Practitioner, (7) Certification in Cisco Network Associate, (8) CCNA would also be useful as their legacy environment has a Cisco router and Cisco.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

IT strategyIT governanceIT asset managementMicrosoft 365Azure ADM365 security baselinesvulnerability managementincident responsenetworkingdisaster recovery

Soft Skills

communicationinterpersonal skillsjudgmentteamworkleadership

Certifications

Bachelor's DegreeCompTIA SEC+AWS Certification Cloud PractitionerCisco Network AssociateCCNA