IT Security & Compliance Manager

Job

Complete Turbine Services

Coral Springs, FL (In Person)

Full-Time

Posted 2 weeks ago (Updated 2 weeks ago) • Actively hiring

Expires 7/12/2026

Job Description

Qualifications: Technical editing; CMMC; Risk management compliance audits; NIST SP 800-53; Data migration; Information security audit implementation; IT policy development; IT system monitoring; Security classification; DoD experience; Endpoint Detection and Response (EDR); Server updates; Patch management; Data classification; Computer management; Data Security (Data management); Regulatory Frameworks (Architecture security); Data backup; Technical writing; Access control classification; Vulnerability management; Cloud compliance; Network monitoring tools; Regulatory compliance analysis; Information security auditing; Security system management; Policy Development; IT security monitoring; IT disaster recovery planning
Description:

Position Overview

We are seeking an IT Security & Compliance Manager to oversee, maintain, and defend our digital infrastructure while strictly enforcing federal cybersecurity requirements. In this role, you will own our compliance posture, ensuring full alignment with NIST SP 800-171, DFARS 252.204-7012, and CMMC Level 2. The ideal candidate bridges the gap between technical execution and regulatory governance. You will be responsible for managing security operations, maintaining our System Security Plan (SSP), closing Plan of Action and Milestones (POA&M) items, and preparing the organization for a formal third-party CMMC assessment.

Key Responsibilities

CMMC & NIST Governance:
Own, update, and enforce the System Security Plan (SSP) and Plan of Action and Milestones (POA&M). Ensure all 110 practices of NIST SP 800-171 are fully implemented and auditable.
Infrastructure Security Oversight:
Oversee the security posture of our technical stack, ensuring secure configurations across firewalls, Endpoint Detection and Response (EDR), Remote Monitoring and Management (RMM), and cloud environments.
Cloud & Tenant Security:
Manage data enclave boundaries and security policies, specifically optimizing and maintaining a Microsoft 365 GCC High environment to prevent CUI spillage.
Data Flow & CUI Management:
Map, audit, and control the flow of Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) across all internal and external systems.
Incident Response & DFARS Reporting:
Lead the incident response team. Ensure full compliance with DFARS 252.204-7012, including rapid reporting of cyber incidents to the DoD Cyber Crime Center (DC3) within 72 hours.
Vulnerability & Patch Management:
Conduct regular internal audits, vulnerability scans, and risk assessments. Prioritize and remediate vulnerabilities across servers, endpoints, and network devices.
Vendor & Supply Chain Risk:
Evaluate subcontractors and third-party vendors to ensure they meet mandatory DFARS flow-down requirements.
Requirements:

Required Skills & Qualifications

Compliance & Regulatory Expertise:
Deep, practical knowledge of NIST SP 800-171, NIST SP 800-53, DFARS 252.204-7012, and CMMC Level 2 requirements. Proven experience writing, editing, and maintaining institutional IT policies, SSPs, and technical restoration playbooks. Experience navigating formal external IT audits or third-party assessments (C3PAO).
Technical Environment Experience:
Strong background managing enterprise firewalls and network segmentation. Hands-on experience with modern EDR platforms and centralized RMM tools for patch deployment and monitoring. Deep familiarity with Microsoft 365 GCC High tenant administration, including data classification and sensitivity labels. Familiarity with secure file migration, data backup architectures, and Disaster Recovery (DR) execution.
Education & Experience Requirements

Education:
Bachelor's degree in Cybersecurity, Computer Science, IT Management, or a related technical field (equivalent practical experience considered).
Experience:
5+ years of experience in IT systems administration or cybersecurity, with at least 2 years directly managing compliance frameworks within the DoD supply chain.
Citizenship:
Must be a U.S. Citizen (required for accessing/managing CUI/ITAR-regulated data).
Certifications (Highly Desired):
Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM). CMMC Certified Professional (CCP) or CMMC Certified Assessor (CCA). CompTIA Security+ or CySA+ (minimum baseline).