Senior Cybersecurity Analyst

The Senior Cybersecurity Analyst will be a key member of our growing Information Technology team, responsible for driving compliance with the Cybersecurity Maturity Model Certification (CMMC) framework, protecting Controlled Unclassified Information (CUI), and ensuring an overall cybersecure compute environment.

This hands-on role is for an experienced cybersecurity professional who can blend technical knowledge, compliance expertise, and practical execution to help a small defense contractor achieve and maintain CMMC Level 2 compliance. You will work directly with IT, software engineering, and project teams to assess security gaps, implement controls, and prepare documentation for formal assessments.

Essential Functions:

• Lead CMMC readiness assessments, map controls to NIST SP 800-171 and DFARS requirements, and maintain compliance documentation (SSP, POA&M).

• Oversee enterprise security policies, standards, and procedures, ensuring alignment with federal and industry regulations.
• Collaborate with IT and DevOps teams to implement secure configurations across workstations, servers, CI/CD pipelines, and cloud environments.
• Conduct risk assessments, vulnerability scans, and threat mitigation; lead incident response and remediation efforts.
• Serve as SME during audits and assessments, coordinating evidence collection and responses.
• Integrate security into projects and operations while delivering training and awareness programs across the organization.
• Stay current on CMMC updates, DoD guidance, and best practices for compliance.
• This position may require occasional travel when needed.
• Must be able to obtain and maintain a US DOD Security Clearance.

Requirements

Basic Qualifications:

• Bachelor’s Degree in Cybersecurity, Information Systems, or related field (or equivalent experience).
• 7+ years of hands-on cybersecurity experience, including implementation of security controls in small to mid-size environments.
• Prior experience with CMMC 2.0, NIST SP 800-171, and DFARS compliance.
• Extensive experience working with IT systems used in software engineering environments, including Windows and Linux workstations, Active Directory, Azure, and M365.
• Experience writing and maintaining clear, audit-ready documentation (SSP, POA&M, policies, procedures).

Preferred Qualifications:

• Experience supporting DoD contracts or working within the Defense Industrial Base (DIB).
• Familiarity with Microsoft Purview, Defender for Cloud, and other M365 compliance tools.
• Experience with vulnerability management, configuration management, and secure system baselining.
• Certifications such as CMMC Certified Professional (CCP), Security+, CISSP, or CISA.
• Experience assisting with third-party CMMC assessment engagements or self-assessments.

·         Excellent communication and collaboration skills for cross-functional team environments.

Benefits

• Salary: $130,000 - $164,000 (Depends on Experience)
• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Hybrid work schedule
• Summer 9/80 Work Schedule
• Family Leave (Maternity, Paternity)
• Short Term & Long Term Disability
• Training & Development
• Work From Home
• Free Food & Snacks
• Wellness Resources
• Employee Stock Ownership Plan