JOB SUMMARY
The Cybersecurity Specialist is responsible for designing, implementing, and maintaining the organization’s IT cybersecurity program in alignment with NIST SP 800-171, Cybersecurity Maturity Model Certification (CMMC) IT requirements, and applicable federal regulations. This role owns the day-to-day security posture of on-premises infrastructure and Microsoft 365 (M365) environments and IT security best practices, supports audit readiness, and serves as the internal subject-matter expert for all matters related to the protection of IT assets.
This is a hands-on technical role that also requires strong communication skills — the Specialist must translate complex security requirements into actionable guidance for non-technical staff and effectively partner with the compliance manager on CMMC and NIST regulatory frameworks.
Responsibilities include:
- NIST SP 800-171 & CMMC Compliance
  - Support, update, and maintain the organization’s System Security Plan (SSP), Plan of Action & Milestones (POA&M), and all supporting compliance documentation relating to IT systems in coordination with the Compliance Manager.
  - Recommend, architect, and design the necessary compliance frameworks, enclaves, hardware, and software required to meet compliance requirements.
  - Conduct and track gap assessments against NIST SP 800-171 controls and CMMC Level 2 practice requirements
  - Lead remediation efforts for identified control gaps, coordinating with IT staff, management, and third-party vendors as needed
  - Prepare the organization for third-party CMMC assessments (C3PAO); serve as the primary IT point of contact during assessment activities
  - Maintain and update the CUI scope definition, data flow diagrams, and assessment boundary documentation based on organizational flow-down information in coordination with the Compliance Manager.
- Infrastructure Security
  - Administer and harden on-premises Active Directory (AD), DNS, DHCP, and file server environments in accordance with security baselines (CIS Benchmarks, DISA STIGs)
  - Configure and manage firewalls, VLANs, and network segmentation controls to isolate CUI environments
  - Manage endpoint protection platforms (EPP/EDR) across all on-premises workstations and servers
  - Oversee patch management programs for operating systems, firmware, and third-party applications
  - Implement and monitor multi-factor authentication (MFA) for all user and privileged accounts
  - Control and audit use of removable media and portable storage devices
  - Administer and harden the Microsoft 365 security posture, including Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams
  - Configure and manage antivirus and EDR products
  - Implement and enforce Microsoft Purview Information Protection policies, including CUI labeling to prevent CUI data from entering commercial environments, data loss prevention (DLP), and retention policies
  - Manage Conditional Access policies, Entra ID (Azure AD) security settings, and Privileged Identity Management (PIM)
  - Configure and maintain Microsoft Secure Score benchmarks; remediate identified gaps on a defined schedule
  - Administer Microsoft Intune for mobile device management (MDM) and mobile application management (MAM)
- Monitoring and Incident Response
  - Monitor security event logs, SIEM alerts, and threat intelligence feeds on an ongoing basis
  - Lead investigation and response to security incidents; document findings and corrective actions in accordance with DFARS 252.204-7012 reporting requirements
  - Conduct periodic vulnerability scans and coordinate penetration tests; track and remediate findings
  - Perform user access reviews on a defined schedule; enforce least privilege and separation of duties
  - Manage and review privileged account activity and administrator access logs
- Policy, Training, and User Awareness
  - Develop, maintain, and enforce IT security policies, standards, and procedures
  - Provide targeted guidance on CUI handling, marking, and protection to program, engineering, and administrative staff related to IT equipment and software systems
  - Support HR in the security aspects of employee onboarding and offboarding processes
PRINCIPAL CONTACTS INSIDE/OUTSIDE THE COMPANY
This position interacts with a wide variety of Armor office employees and senior management.
COMPETENCY OR POSITION REQUIREMENTS
- Attention to Detail — CMMC and NIST documentation must be precise and audit-ready
- Communication — Ability to explain security requirements clearly to non-technical staff
- Ownership Mentality — Takes initiative on compliance gaps without waiting to be directed
- Discretion — Regularly handles sensitive data and must maintain strict confidentiality
- Collaboration — Works cross-functionally with compliance and operations teams
- Adaptability — CMMC rulemaking continues to evolve; the Specialist must stay current and pivot quickly
EDUCATION
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field
- Equivalent combination of education and directly relevant experience will be considered
EXPERIENCE
- Familiarity with Zero Trust Architecture principles and implementation
- 3–5+ years of hands-on experience in an IT security or systems administration role
- Proven experience administering Microsoft 365 security features in a production environment
- Experience managing on-premises Windows Server environments including Active Directory
- Familiarity with firewall administration
- Demonstrated experience implementing or assessing against NIST SP 800-171 controls
- Experience with CMMC compliance, gap assessments, or C3PAO assessments preferred
- Experience with GCC High, PreVeil, Secureframe, or Quick Track solutions a plus
CERTIFICATIONS
- CompTIA Security+ or equivalent required
- CompTIA CySA+ preferred
- Certified CMMC Professional (CCP) preferred
- CCA certification a plus
WORKING AND PHYSICAL CONDITIONS
- Primarily office-based
- Will be required to work outside of normal business hours for incident response or maintenance windows
- Ability to sit for extended periods and work at a computer workstation
- Occasional lifting of IT equipment (up to 40 lbs.)