Cyber Security Specialist, CMMC Compliance

🕒 vor 1 Monat

🏄 California – Remote

🏄 California – Remote

💵 $130.000 - $150.000 / Jahr

⏰ Vollzeit

🟡 Mittelstufe

🟠 Senior

👮‍♂️ IT-Sicherheitsingenieur

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Canopy Aerospace & Defense

WebsiteLinkedInAlle Stellen

51 - 200 Mitarbeiter

🚀 Luft- und Raumfahrt

🔧 Hardware

⚡ Energie

Aerospace • Hardware • Energy

Canopy Aerospace & Defense ist ein auf Materialien und Fertigung spezialisiertes Luft- und Raumfahrt- und Verteidigungsunternehmen, das fortschrittliche Materialsysteme entwickelt, konstruiert und produziert — darunter Hochtemperaturkeramiken, Wärmeschutzsysteme, Verbundstoffe und absortions-/signalreduzierende Komponenten — für extreme Umgebungen von der Tiefsee bis ins All. Das Unternehmen bietet umfassende Dienstleistungen von F&E und schnellem Prototyping (einschließlich additiver Fertigung) bis hin zur schlüsselfertigen Produktion, Systemintegration, Überholung und Programmunterstützung für OEMs in den Bereichen Weltraum, Verteidigung, Schifffahrt und Energie/Elektronik. Canopy legt Wert auf schnelle, vorausschauende Problemlösungen und fungiert als eingebetteter Fertigungspartner, um missionskritische Anforderungen an thermische, strukturelle und elektromagnetische Leistungen zu erfüllen.

Beschreibung

• Lead the implementation, assessment, and continuous improvement of security controls aligned with NIST SP 800-171 and CMMC 2.0, ensuring organizational readiness for Level 2 certification. • Own and maintain the System Security Plan (SSP), Plans of Action and Milestones (POA&M), security policies, procedures, and compliance documentation. • Map and protect Controlled Unclassified Information (CUI) throughout its lifecycle, including data flows across engineering design (CAD/CAM), procurement, quality, manufacturing, and external suppliers. • Serve as the primary liaison for CMMC assessments, including coordination with C3PAOs, audit preparation, artifact management, and remediation tracking. • Implement and monitor security controls across both IT and OT environments, including identity and access management, multi-factor authentication, encryption, endpoint detection and response (EDR), SIEM, firewalls, and network segmentation. • Conduct vulnerability scanning, risk assessments, and gap analyses against NIST SP 800-171 controls, prioritizing mitigation efforts based on operational and contractual risk. • Lead cyber incident response activities, including documentation and reporting of incidents impacting CUI within required DFARS timelines (e.g., 72-hour reporting). • Partner cross-functionally with engineering, operations, quality, and leadership to embed cybersecurity into product development and manufacturing processes. • Oversee relationships with managed service providers (MSPs), cloud providers, and external security vendors to ensure secure configurations and regulatory compliance. • Develop and deliver practical cybersecurity training tailored to aerospace manufacturing personnel, including phishing awareness, secure technical data handling, and CUI best practices. • Establish compliance dashboards and executive reporting mechanisms to provide visibility into security posture and remediation progress. • Support and secure cloud environments, including Microsoft GCC High or Azure Government, where applicable.

🎯 Anforderungen

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. • 3–5+ years of experience in IT or Cybersecurity, including direct experience supporting CMMC, NIST SP 800-171, or DFARS compliance within the Defense Industrial Base. • Demonstrated hands-on experience implementing and assessing NIST SP 800-171 security controls. • Strong understanding of DFARS 252.204-7012 requirements and CMMC 2.0 framework. • Experience with Windows and/or Linux systems, Active Directory, identity and access management, firewalls, VPNs, endpoint protection platforms, and vulnerability management tools. • Familiarity with hybrid IT/OT environments and protecting intellectual property within CAD/CAM or manufacturing systems. • Ability to translate regulatory requirements into scalable technical and operational solutions. • Strong documentation, communication, and cross-functional leadership skills. • Must be a U.S. Person (U.S. Citizen or Permanent Resident) due to ITAR/EAR regulations.

🏖️ Vorteile

• Company paid employee medical, dental and vision insurance. • Retirement plan participation (eligibility required). • Paid sick leave. • Paid vacation. • Paid holidays. • Discretionary bonuses.