Lead implementation and sustainment of NIST SP 800-171 controls and CMMC Level 2 practices.
Develop and maintain compliance artifacts: SSPs, POA&Ms, Asset inventories, boundary definitions, Network and data flow diagrams.
Conduct internal gap assessments and readiness reviews for CMMC.
Support evidence collection and technical walkthroughs during audits.
Translate compliance requirements into actionable technical work items.
Design, implement, and harden on-premise systems supporting CUI environments (Windows/Linux servers, AD/Entra ID hybrid, virtualization, network segmentation).
Implement and tune technical security controls, including: Identity & access management (MFA, least privilege, RBAC), Endpoint security (EDR, device hardening, patching), Vulnerability scanning and remediation, Centralized logging and monitoring (SIEM), Secure configuration baselines (CIS/STIG-aligned).
Partner with IT infrastructure to implement network security controls (firewalls, VLANs, NAC, secure remote access).
Support secure system builds, change management, and incident response in CUI environments.
Help integrate security into on-prem and hybrid architectures (VMware/Hyper-V + cloud where applicable).

Requirements

Demonstrated, hands-on experience implementing NIST SP 800-171 controls, preferably in manufacturing environments
Experience supporting CMMC Level 2 readiness or assessments.
Strong background in on-prem infrastructure security, including: Windows and/or Linux server hardening
Active Directory or hybrid identity environments
Virtualized infrastructure (VMware/Hyper-V)
Network segmentation and firewall policy design
Experience with security tooling: vulnerability scanners, EDR, SIEM, MFA/IAM, configuration management.
Experience securing environments handling CUI (unclassified).
Ability to move fluidly between documentation and technical implementation.
Strong communication skills with engineers, IT staff, and leadership.
Experience remediating findings from 800-171 assessments or pre-CMMC readiness reviews.
Experience with hybrid environments (on-prem + cloud).
Typically, a Bachelor Degree (or equivalent) in Computer Science, Information Technology, Cybersecurity, or a related field with 4+ years of experience.
Familiarity with NIST SP 800-53 and other relevant security standards for classified systems.
CompTIA Security+ certification or equivalent.
Understanding of risk management frameworks used in government environments.
May be required to maintain security clearance.

Benefits

Climate controlled, well-lit and clean work environment!
Work/life balance that includes up to 3 weeks PTO for first year
8 Paid Holidays, with 3 floating holidays
401k Plan with Company Match
Educational Assistance Program (Tuition Reimbursement)
Wellness Program and incentives
Company HSA contributions
Insurance Benefits that start 1st of the month following hire
Eligibility in Company Performance-based bonuses annually
Additional Employee Discounts and Perks
Company-Paid Benefits: $75 monthly student loan repayment program
Basic Life Insurance
Basic Accidental Death and Dismemberment (AD&D) Insurance
Short Term Disability
Long Term Disability
Employee Assistance Program (EAP)
Voluntary Employee-Paid Benefits: Medical and Prescription insurance
Dental insurance
Vision insurance
Supplemental Life Insurance Plans
Supplemental AD&D insurance for Employee and Family
Accident Plan
Critical Illness Plan
Hospital Indemnity Plan
Pet Insurance
Identity Theft

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

NIST SP 800-171CMMC Level 2Windows server hardeningLinux server hardeningActive DirectoryVMwareHyper-Vnetwork segmentationfirewall policy designvulnerability scanning

Soft Skills

strong communication skillsability to translate compliance requirementscollaboration with IT staffdocumentation skillsincident response

Certifications

CompTIA Security+