Cyber Security Specialist, CMMC Compliance

🕒 April 22

🏄 California – Remote

🏄 California – Remote

💵 $130k - $150k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Canopy Aerospace & Defense

WebsiteLinkedInAll Job Openings

51 - 200 employees

🚀 Aerospace

🔧 Hardware

⚡ Energy

Aerospace • Hardware • Energy

Canopy Aerospace & Defense is a materials- and manufacturing-focused aerospace and defense company that develops, engineers, and produces advanced material systems — including high-temperature ceramics, thermal protection systems, composites, and absorptive/signal-reducing components — for extreme environments from deep-sea to space. The company offers end-to-end services from R&D and rapid prototyping (including additive manufacturing) through turnkey production, system integration, refurbishment, and program support for OEMs in space, defense, maritime, and power/electronics markets. Canopy emphasizes fast, anticipatory problem-solving and serves as an embedded manufacturing partner to meet mission-critical thermal, structural, and electromagnetic performance requirements.

📋 Description

• Lead the implementation, assessment, and continuous improvement of security controls aligned with NIST SP 800-171 and CMMC 2.0, ensuring organizational readiness for Level 2 certification. • Own and maintain the System Security Plan (SSP), Plans of Action and Milestones (POA&M), security policies, procedures, and compliance documentation. • Map and protect Controlled Unclassified Information (CUI) throughout its lifecycle, including data flows across engineering design (CAD/CAM), procurement, quality, manufacturing, and external suppliers. • Serve as the primary liaison for CMMC assessments, including coordination with C3PAOs, audit preparation, artifact management, and remediation tracking. • Implement and monitor security controls across both IT and OT environments, including identity and access management, multi-factor authentication, encryption, endpoint detection and response (EDR), SIEM, firewalls, and network segmentation. • Conduct vulnerability scanning, risk assessments, and gap analyses against NIST SP 800-171 controls, prioritizing mitigation efforts based on operational and contractual risk. • Lead cyber incident response activities, including documentation and reporting of incidents impacting CUI within required DFARS timelines (e.g., 72-hour reporting). • Partner cross-functionally with engineering, operations, quality, and leadership to embed cybersecurity into product development and manufacturing processes. • Oversee relationships with managed service providers (MSPs), cloud providers, and external security vendors to ensure secure configurations and regulatory compliance. • Develop and deliver practical cybersecurity training tailored to aerospace manufacturing personnel, including phishing awareness, secure technical data handling, and CUI best practices. • Establish compliance dashboards and executive reporting mechanisms to provide visibility into security posture and remediation progress. • Support and secure cloud environments, including Microsoft GCC High or Azure Government, where applicable.

🎯 Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. • 3–5+ years of experience in IT or Cybersecurity, including direct experience supporting CMMC, NIST SP 800-171, or DFARS compliance within the Defense Industrial Base. • Demonstrated hands-on experience implementing and assessing NIST SP 800-171 security controls. • Strong understanding of DFARS 252.204-7012 requirements and CMMC 2.0 framework. • Experience with Windows and/or Linux systems, Active Directory, identity and access management, firewalls, VPNs, endpoint protection platforms, and vulnerability management tools. • Familiarity with hybrid IT/OT environments and protecting intellectual property within CAD/CAM or manufacturing systems. • Ability to translate regulatory requirements into scalable technical and operational solutions. • Strong documentation, communication, and cross-functional leadership skills. • Must be a U.S. Person (U.S. Citizen or Permanent Resident) due to ITAR/EAR regulations.

🏖️ Benefits

• Company paid employee medical, dental and vision insurance. • Retirement plan participation (eligibility required). • Paid sick leave. • Paid vacation. • Paid holidays. • Discretionary bonuses.