Palomar
Cybersecurity & Compliance Analyst (CMMC)
Palomar, Rancho Santa Margarita, California, United States, 92688
Job Title:Cybersecurity & Compliance Analyst
Job Level:Mid-Level
SummaryThe Cybersecurity & Compliance Analyst will play a key role in driving the strategy, planning, implementing, monitoring, and managing security measures and compliance for the protection of controlled unclassified information (CUI), federal contract information (FCI), computer networks, and IT infrastructure and system information. The role will also spearhead the development of policies, procedures, and preparation for the DoD's Cybersecurity Maturity Model Certification (CMMC) Framework.
Essential Duties and Responsibilities
Participate and drive the development of policies, procedures, and documentation relating to CMMC compliance.
Perform gap analysis, document cyber incidents, implement security measures, and assess standards related to achieving and maintaining compliance for ITAR, NIST SP 800-171, and CMMC 2.0 Level 2 frameworks.
Partner with Managed Service Providers (MSP) and internal IT department staff to ensure all physical, supply chain, infrastructure, and cloud controlled unclassified information (CUI) is secure to DoD standards.
Audit security policies, procedures and controls for NIST SP 800-171.
Identify & mitigate cyber threats, document & establish protocols for security incidents, and assess and manage risks at the organization.
Maintain up-to-date knowledge of cyber security standards, technologies, and threats.
Support IT Administrators as needed with equipment configuration and deployment.
Identify areas of improvement and help develop solutions to implement.
Qualifications
Bachelor's Degree in Computer Science, Information Systems or related field (preferred).
Three or more years' experience working in Information Security or Cybersecurity Analyst role with a strong focus on compliance and auditing DoD and Federal cybersecurity frameworks.
In-depth understanding of NIST government frameworks and experience implementing and auditing NIST ST 800-171 controls.
Three or more years' experience with incident response, risk assessment, and security management.
Strong working knowledge of the requirements, protocols, security measures and trends for CMMC compliance.
Understanding of US Government and Federal compliance regulations such as ITAR and DFARS.
Experience implementing, monitoring, and managing security measures & compliance for CUI and FCI.
Ability to implement, manage, and maintain Microsoft Office 365 GCC High and strong understanding of Cloud CUI security.
Deep working knowledge and skills regarding hardware, software, networks, and data centers, including Microsoft solutions, including Windows OS, Windows Server and Active Directory.
Understanding of virtualization technologies, specifically Microsoft Hyper-V.
Ability to identify vulnerabilities and threats.
Familiarity with information/cybersecurity tools (i.e., CrowdStrike, Darktrace, Varonis).
Ability to work in a diverse environment, have a calm demeanor and communicate effectively with all customers, vendors, employees and management.
Willingness to continue training and development to self-enhance personal performance.
Physical DemandsWhile performing the duties of this job, the employee is frequently required to stand, walk, sit, use hands to finger, handle, or feel objects, tools or controls; reach with hands and arms; talk and hear and occasionally required to climb stairs; balance; stoop, kneel, crouch or crawl. The employee must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds.
Work EnvironmentThis job operates in a professional office environment floor. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. While performing the duties of this job, the employee is frequently exposed to fumes or airborne particles, moving mechanical parts and vibration. The noise level in the work environment can be loud.
Salary Range$90,000 - $130,000
*Must be authorized to work in the U.S.
**This position requires either a US Person (as defined in applicable export regulations) or a non-US person who is eligible to obtain required export authorization**
*To comply with U.S. export laws and regulations, Palomar Products Inc. operations in the U.S. may only employ "U.S. Persons" as defined by the International Traffic in Arms Regulations (ITAR).
**Equal Employment Opportunity (EEO) and Affirmative Action (AAP) Employer
Palomar Products is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of age, race, color, religion, sex, sexual orientation, gender identity or expression, medical condition, national origin, marital status, disability, pregnancy or parental status, childbirth, genetic information, or military and veteran status. Request an Accommodation. Read further information regarding Affirmative Action narrative availability.
Palomar Products participates in E-Verify: Details in English and Spanish. Right to Work Statement in English and Spanish. EEO is the law. Pay Transparency Nondiscrimination Provision.
#J-18808-Ljbffr
Job Level:Mid-Level
SummaryThe Cybersecurity & Compliance Analyst will play a key role in driving the strategy, planning, implementing, monitoring, and managing security measures and compliance for the protection of controlled unclassified information (CUI), federal contract information (FCI), computer networks, and IT infrastructure and system information. The role will also spearhead the development of policies, procedures, and preparation for the DoD's Cybersecurity Maturity Model Certification (CMMC) Framework.
Essential Duties and Responsibilities
Participate and drive the development of policies, procedures, and documentation relating to CMMC compliance.
Perform gap analysis, document cyber incidents, implement security measures, and assess standards related to achieving and maintaining compliance for ITAR, NIST SP 800-171, and CMMC 2.0 Level 2 frameworks.
Partner with Managed Service Providers (MSP) and internal IT department staff to ensure all physical, supply chain, infrastructure, and cloud controlled unclassified information (CUI) is secure to DoD standards.
Audit security policies, procedures and controls for NIST SP 800-171.
Identify & mitigate cyber threats, document & establish protocols for security incidents, and assess and manage risks at the organization.
Maintain up-to-date knowledge of cyber security standards, technologies, and threats.
Support IT Administrators as needed with equipment configuration and deployment.
Identify areas of improvement and help develop solutions to implement.
Qualifications
Bachelor's Degree in Computer Science, Information Systems or related field (preferred).
Three or more years' experience working in Information Security or Cybersecurity Analyst role with a strong focus on compliance and auditing DoD and Federal cybersecurity frameworks.
In-depth understanding of NIST government frameworks and experience implementing and auditing NIST ST 800-171 controls.
Three or more years' experience with incident response, risk assessment, and security management.
Strong working knowledge of the requirements, protocols, security measures and trends for CMMC compliance.
Understanding of US Government and Federal compliance regulations such as ITAR and DFARS.
Experience implementing, monitoring, and managing security measures & compliance for CUI and FCI.
Ability to implement, manage, and maintain Microsoft Office 365 GCC High and strong understanding of Cloud CUI security.
Deep working knowledge and skills regarding hardware, software, networks, and data centers, including Microsoft solutions, including Windows OS, Windows Server and Active Directory.
Understanding of virtualization technologies, specifically Microsoft Hyper-V.
Ability to identify vulnerabilities and threats.
Familiarity with information/cybersecurity tools (i.e., CrowdStrike, Darktrace, Varonis).
Ability to work in a diverse environment, have a calm demeanor and communicate effectively with all customers, vendors, employees and management.
Willingness to continue training and development to self-enhance personal performance.
Physical DemandsWhile performing the duties of this job, the employee is frequently required to stand, walk, sit, use hands to finger, handle, or feel objects, tools or controls; reach with hands and arms; talk and hear and occasionally required to climb stairs; balance; stoop, kneel, crouch or crawl. The employee must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds.
Work EnvironmentThis job operates in a professional office environment floor. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. While performing the duties of this job, the employee is frequently exposed to fumes or airborne particles, moving mechanical parts and vibration. The noise level in the work environment can be loud.
Salary Range$90,000 - $130,000
*Must be authorized to work in the U.S.
**This position requires either a US Person (as defined in applicable export regulations) or a non-US person who is eligible to obtain required export authorization**
*To comply with U.S. export laws and regulations, Palomar Products Inc. operations in the U.S. may only employ "U.S. Persons" as defined by the International Traffic in Arms Regulations (ITAR).
**Equal Employment Opportunity (EEO) and Affirmative Action (AAP) Employer
Palomar Products is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of age, race, color, religion, sex, sexual orientation, gender identity or expression, medical condition, national origin, marital status, disability, pregnancy or parental status, childbirth, genetic information, or military and veteran status. Request an Accommodation. Read further information regarding Affirmative Action narrative availability.
Palomar Products participates in E-Verify: Details in English and Spanish. Right to Work Statement in English and Spanish. EEO is the law. Pay Transparency Nondiscrimination Provision.
#J-18808-Ljbffr