Cyber Security Specialist, CMMC Compliance

🕒 il y a 1 mois

🏄 California – Distant

🏄 California – Remote

💵 $130 000 - $150 000 / an

⏰ Temps Plein

🟡 Intermédiaire

🟠 Senior

👮‍♂️ Cybersécurité / Ingénieur Sécurité

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Canopy Aerospace & Defense

Site WebLinkedInTous les Emplois

51 - 200 employés

🚀 Aérospatiale

🔧 Matériel

⚡ Énergie

Aerospace • Hardware • Energy

Canopy Aerospace & Defense est une entreprise aéronautique et de défense orientée sur les matériaux et la fabrication, qui développe, conçoit et produit des systèmes de matériaux avancés — y compris des céramiques haute température, des systèmes de protection thermique, des composites, et des composants absorbants/réducteurs de signal — pour des environnements extrêmes allant des profondeurs marines à l'espace. L'entreprise propose des services de bout en bout allant de la R&D et du prototypage rapide (y compris la fabrication additive) à la production clé en main, l'intégration des systèmes, la rénovation, et le support de programme pour les OEM des marchés spatial, de la défense, maritime et des énergies/électroniques. Canopy met l'accent sur une résolution rapide et proactive des problèmes et agit en tant que partenaire de fabrication intégré pour répondre aux exigences critiques de performance thermique, structurelle, et électromagnétique.

Description

• Lead the implementation, assessment, and continuous improvement of security controls aligned with NIST SP 800-171 and CMMC 2.0, ensuring organizational readiness for Level 2 certification. • Own and maintain the System Security Plan (SSP), Plans of Action and Milestones (POA&M), security policies, procedures, and compliance documentation. • Map and protect Controlled Unclassified Information (CUI) throughout its lifecycle, including data flows across engineering design (CAD/CAM), procurement, quality, manufacturing, and external suppliers. • Serve as the primary liaison for CMMC assessments, including coordination with C3PAOs, audit preparation, artifact management, and remediation tracking. • Implement and monitor security controls across both IT and OT environments, including identity and access management, multi-factor authentication, encryption, endpoint detection and response (EDR), SIEM, firewalls, and network segmentation. • Conduct vulnerability scanning, risk assessments, and gap analyses against NIST SP 800-171 controls, prioritizing mitigation efforts based on operational and contractual risk. • Lead cyber incident response activities, including documentation and reporting of incidents impacting CUI within required DFARS timelines (e.g., 72-hour reporting). • Partner cross-functionally with engineering, operations, quality, and leadership to embed cybersecurity into product development and manufacturing processes. • Oversee relationships with managed service providers (MSPs), cloud providers, and external security vendors to ensure secure configurations and regulatory compliance. • Develop and deliver practical cybersecurity training tailored to aerospace manufacturing personnel, including phishing awareness, secure technical data handling, and CUI best practices. • Establish compliance dashboards and executive reporting mechanisms to provide visibility into security posture and remediation progress. • Support and secure cloud environments, including Microsoft GCC High or Azure Government, where applicable.

🎯 Exigences

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. • 3–5+ years of experience in IT or Cybersecurity, including direct experience supporting CMMC, NIST SP 800-171, or DFARS compliance within the Defense Industrial Base. • Demonstrated hands-on experience implementing and assessing NIST SP 800-171 security controls. • Strong understanding of DFARS 252.204-7012 requirements and CMMC 2.0 framework. • Experience with Windows and/or Linux systems, Active Directory, identity and access management, firewalls, VPNs, endpoint protection platforms, and vulnerability management tools. • Familiarity with hybrid IT/OT environments and protecting intellectual property within CAD/CAM or manufacturing systems. • Ability to translate regulatory requirements into scalable technical and operational solutions. • Strong documentation, communication, and cross-functional leadership skills. • Must be a U.S. Person (U.S. Citizen or Permanent Resident) due to ITAR/EAR regulations.

🏖️ Avantages

• Company paid employee medical, dental and vision insurance. • Retirement plan participation (eligibility required). • Paid sick leave. • Paid vacation. • Paid holidays. • Discretionary bonuses.