Cybersecurity & Compliance Analyst (CMMC)
$90,000 - $130,000/Yr
Palomar Products - Rancho Santa Margarita, CA
posted about 11 hours ago
- Mid Level
Rancho Santa Margarita, CA
Administrative and Support Services
About the position
The Cybersecurity & Compliance Analyst will play a key role in driving the strategy, planning, implementing, monitoring, and managing security measures and compliance for the protection of controlled unclassified information (CUI), federal contract information (FCI), computer networks, and IT infrastructure and system information. The role will also spearhead the development of policies, procedures, and preparation for the DoD's Cybersecurity Maturity Model Certification (CMMC) Framework.
Responsibilities
- Participate and drive the development of policies, procedures, and documentation relating to CMMC compliance.
- Perform gap analysis, document cyber incidents, implement security measures, and assess standards related to achieving and maintaining compliance for ITAR, NIST SP 800-171, and CMMC 2.0 Level 2 frameworks.
- Partner with Managed Service Providers (MSP) and internal IT department staff to ensure all physical, supply chain, infrastructure, and cloud controlled unclassified information (CUI) is secure to DoD standards.
- Audit security policies, procedures and controls for NIST SP 800-171.
- Identify & mitigate cyber threats, document & establish protocols for security incidents, and assess and manage risks at the organization.
- Maintain up-to-date knowledge of cyber security standards, technologies, and threats.
- Support IT Administrators as needed with equipment configuration and deployment.
- Identify areas of improvement and help develop solutions to implement.
Requirements
- Bachelor's Degree in Computer Science, Information Systems or related field (preferred).
- Three or more years' experience working in Information Security or Cybersecurity Analyst role with a strong focus on compliance and auditing DoD and Federal cybersecurity frameworks.
- In-depth understanding of NIST government frameworks and experience implementing and auditing NIST ST 800-171 controls.
- Three or more years' experience with incident response, risk assessment, and security management.
- Strong working knowledge of the requirements, protocols, security measures and trends for CMMC compliance.
- Understanding of US Government and Federal compliance regulations such as ITAR and DFARS.
- Experience implementing, monitoring, and managing security measures & compliance for CUI and FCI.
- Ability to implement, manage, and maintain Microsoft Office 365 GCC High and strong understanding of Cloud CUI security.
- Deep working knowledge and skills regarding hardware, software, networks, and data centers, including Microsoft solutions, including Windows OS, Windows Server and Active Directory.
- Understanding of virtualization technologies, specifically Microsoft Hyper-V.
- Ability to identify vulnerabilities and threats.
- Familiarity with information/cybersecurity tools (i.e., CrowdStrike, Darktrace, Varonis).
- Ability to work in a diverse environment, have a calm demeanor and communicate effectively with all customers, vendors, employees and management.
- Willingness to continue training and development to self-enhance personal performance.
