CyberSheathRemote
Compliance Engineer
United States
Full Time
3 hours ago
$100,000 - $116,000 USD
No Visa Sponsorship
Key skills
AzureFirewallsActive DirectoryRemote WorkFirewall
About this role
Role Overview
- Implement, configure, and maintain security controls in line with CMMC requirements
- Collaborate with internal and external stakeholders to ensure ongoing compliance with CMMC standards
- Serve as the internal subject matter expert on CMMC-related technical questions and processes
- Design and deploy secure configurations for Microsoft 365, Azure, Azure Virtual Desktop, and the Microsoft Defender XDR suite
- Manage security baselines, conditional access policies, and monitoring/alerting configurations
- Coordinate with IT operations and security teams to remediate vulnerabilities and align with compliance objectives
- Utilize Active Directory, firewalls, and related security or network tools to ensure compliance and gather logs/artifacts as evidence
- Gather, document, and maintain the artifacts necessary to demonstrate compliance (system configurations, implementation records, access control logs, and related evidence)
- Collaborate with cross-functional teams (IT, Security, DevOps) to validate and record operational and security processes in compliance with CMMC
- Provide expert guidance and support during client-facing CMMC audits, which may include up to 25% travel
- Communicate technical aspects of CMMC controls and remediation strategies clearly to both technical and non-technical audiences
Requirements
- 3–5+ years in implementing and managing technical security controls in Microsoft environments
- Hands-on experience with Microsoft 365 Administration & Security (tenant hardening, identity & access management, conditional access)
- Hands-on experience with Azure & Azure Virtual Desktop (security configuration, monitoring, role-based access control)
- Hands-on experience with Microsoft Defender XDR Suite (Defender for Endpoint, Defender for Office 365, etc.)
- Hands-on experience with Group Policy Objects (GPOs) and Intune for device and application management
- Hands-on experience with Active Directory (managing user/groups, reviewing logs, applying group policies)
- Hands-on experience with Firewalls (configuring rules, reviewing logs, interpreting firewall outputs)
- Demonstrated track record of working with CMMC controls or similar regulatory/compliance frameworks (e.g., NIST 800-171, DFARS)
- Strong understanding of SIEM tools and security incident management workflows.
Tech Stack
- Azure
- Firewalls
Benefits
- Flexible Schedule & After-Hours Work
- 100% Remote work environment with occasional (25%) travel to client sites