We're seeking a Cybersecurity & Compliance Analyst for a 6-9 month contract who will play a key role in driving the strategy, planning, implementing, monitoring, and managing security measures and compliance for the protection of controlled unclassified information (CUI), federal contract information (FCI), computer networks, and IT infrastructure and system information. The role will also spearhead the development of policies, procedures, and preparation for the DoD's Cybersecurity Maturity Model Certification (CMMC) Framework.
DUTIES AND RESPONSIBILITIES
- Participate and drive the development of policies, procedures, and documentation relating to CMMC compliance.
- Perform gap analysis, document cyber incidents, implement security measures, and assess standards related to achieving and maintaining compliance for ITAR, NIST SP 800-171, and CMMC 2.0 frameworks
- Partner with internal IT department staff to ensure all physical, supply chain, infrastructure, and cloud controlled unclassified information (CUI) is secure to DoD standard
- Audit security policies, procedures and controls for NIST SP 800-171
- Identify & mitigate cyber threats, document & establish protocols for security incidents, and assess and manage risks at the organization
- Maintain up-to-date knowledge of cyber security standards, technologies, and threats
- Support IT Administrators as needed with equipment configuration and deployment
- Support IT Administrators as needed with phone system support
- Identify areas of improvement and help develop solutions to implement
MINIMUM QUALIFICATIONS
- Education in Computer Science, Information Systems or related field (preferred)
- Five or more years' experience working in Information Security or Cybersecurity Analyst role with a strong focus on compliance and auditing DoD and Federal cybersecurity frameworks.
- In-depth understanding of NIST government frameworks and experience implementing and auditing NIST ST 800-171 controls.
- Three or more years' experience with incident response, risk assessment, and security management
- Strong working knowledge of the requirements, protocols, security measures and trends for CMMC compliance.
- Understanding of US Government and Federal compliance regulations such as ITAR and DFARS.
- Experience implementing, monitoring, and managing security measures & compliance for CUI and FCI.
- Deep working knowledge and skills regarding hardware, software, networks, and data centers, including Microsoft solutions, including Windows OS
- Understanding of virtualization technologies, specifically VMware
- Ability to identify vulnerabilities and threats
- Familiarity with information/cybersecurity tools (i.e., Azure/Microsoft Cloud environment
- Ability to work in a diverse environment, have a calm demeanor and communicate effectively as needed.
BONUS/Nice to Have QUALIFICATIONS
- Professional certifications with CMMC - i.e., (Certified CMMC Professional - CCP, Certified CMMC Assessor - CCA)
- CISSP certification or training
- Familiarity with iso 9001/27001/27002
Sponsorship:
Candidates must be legally authorized to work in the Unites States on a full-time basis and will not now nor in the future require sponsorship for employment visa.
