Cyber Security Specialist

Cyber Security Specialist 2.1 2.1 out of 5 stars Mason, OH 45040 The Armor Group, Inc. 45 reviews

JOB SUMMARY

The Cybersecurity Specialist is responsible for designing, implementing, and maintaining the organization's IT cybersecurity program in alignment with NIST SP 800-171, Cybersecurity Maturity Model Certification (CMMC) IT requirements, and applicable federal regulations. This role owns the day-to-day security posture of on-premises infrastructure and Microsoft 365 (M365) environments, IT security best practices, supports audit readiness, and serves as the internal subject-matter expert for all matters related to the protection of IT assets. This is a hands-on technical role that also requires strong communication skills — the Specialist must translate complex security requirements into actionable guidance for non-technical staff and effectively partner with the compliance manager on CMMC and NIST regulatory frameworks.

Responsibilities include:

NIST SP 800-171 & CMMC

Compliance Support, update, and maintain the organization's System Security Plan (SSP), Plan of Action & Milestones (POA&M), and all supporting compliance documentation relating to IT systems in coordination with the Compliance Manager. Recommend, architect, and design the necessary compliance frameworks, enclaves, hardware, and software required to meet compliance requirements. Conduct and track gap assessments against

NIST SP 800-171

controls and CMMC Level 2 practice requirements Lead remediation efforts for identified control gaps, coordinating with IT staff, management, and third-party vendors as needed Prepare the organization for third-party CMMC assessments (C3PAO); serve as the primary IT point of contact during assessment activities Maintain and update the CUI scope definition, data flow diagrams, and assessment boundary documentation based on organizational flow down information in coordination with the Compliance Manager. Infrastructure Security Administer and harden on-premises Active Directory (AD), DNS, DHCP, and file server environments in accordance with security baselines (CIS Benchmarks, DISA STIGs) Configure and manage firewalls, VLANs, and network segmentation controls to isolate CUI environments Manage endpoint protection platforms (EPP/EDR) across all on-premises workstations and servers Oversee patch management programs for operating systems, firmware, and third-party applications Implement and monitor multi-factor authentication (MFA) for all user and privileged accounts Control and audit use of removable media and portable storage devices Administer and harden the Microsoft 365 security posture including Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams Configure and manage Antivirus and EDR products Implement and enforce Microsoft Purview Information Protection policies including CUI labeling to prevent data CUI data from entering commercial environments, data loss prevention (DLP), and retention policies Manage Conditional Access policies, Entra ID (Azure AD) security settings, and Privileged Identity Management (PIM) Configure and maintain Microsoft Secure Score benchmarks; remediate identified gaps on a defined schedule Administer Microsoft Intune for mobile device management (MDM) and mobile application management (MAM) Monitoring and Incident Response Monitor security event logs, SIEM alerts, and threat intelligence feeds on an ongoing basis Lead investigation and response to security incidents; document findings and corrective actions in accordance with

DFARS 252.204-7012

reporting requirements Conduct periodic vulnerability scans and penetration test coordination; track and remediate findings Perform user access reviews on a defined schedule; enforce least privilege and separation of duties Manage and review privileged account activity and administrator access logs Policy, Training, and User Awareness Develop, maintain, and enforce IT security policies, standards, and procedures Provide targeted guidance on CUI handling, marking, and protection to program, engineering, and administrative staff related to IT equipment and software systems Support HR in the security aspects of employee onboarding and offboarding processes

PRINCIPAL CONTACTS INSIDE/OUTSIDE THE COMPANY

This position interacts with a wide variety of Armor office employees and senior management.

COMPETENCY OR POSITION REQUIREMENTS

Attention to Detail — CMMC and NIST documentation must be precise and audit-ready Communication — Ability to explain security requirements clearly to non-technical staff Ownership Mentality — Takes initiative on compliance gaps without waiting to be directed Discretion — Regularly handles sensitive data and must maintain strict confidentiality Collaboration — Works cross-functionally with compliance and operations teams Adaptability — CMMC rulemaking continues to evolve and must stay current and pivot quickly

EDUCATION

Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field Equivalent combination of education and directly relevant experience will be considered

EXPERIENCE

Familiarity with Zero Trust Architecture principles and implementation 3-5+ years of hands-on experience in an IT security or systems administration role Proven experience administering Microsoft 365 security features in a production environment Experience managing on-premises Windows Server environments including Active Directory Familiarity with firewall administration Demonstrated experience implementing or assessing against

NIST SP 800-171

controls Experience with CMMC compliance, gap assessments, or C3PAO assessments preferred Experience with GCC High, Preveil, SecureFrame, Quick Track solutions a plus

EXPERIENCE

CompTIA Security+ or equivalent Required CompTIA CySA+ Preferred Certified CCMC Professional (CCP) Preferred Certificate CCA a plus

WORKING AND PHYSICAL CONDITIONS

Primarily office-based Will be required to work outside of normal business hours for incident response or maintenance windows Ability to sit for extended periods and work at a computer workstation Occasional lifting of IT equipment (up to 40 lbs.)