Cyber Security Engineer at Daniels Manufacturing Corporation
Orlando, Florida, United States -
Full Time


Start Date

Immediate

Expiry Date

18 Sep, 26

Salary

105000.0

Posted On

20 Jun, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

CMMC Level 2, NIST SP 800-171, Microsoft Sentinel, Microsoft Defender, Azure Security, Entra ID, Hyper-V, Windows Server, Active Directory, Group Policy, Network Security, Vulnerability Scanning, Incident Response, Microsoft Purview, SIEM Operations, Identity Governance

Industry

Aviation and Aerospace Component Manufacturing

Description
Description We are seeking a Cyber Security Engineer with a strong security focus to support our CMMC Level 2 certification effort under DFARS. The right candidate will own assigned NIST SP 800-171 control domains, drive Microsoft security platform operations, and help protect a hybrid environment spanning on-premises infrastructure and cloud services including Azure, Defender, Sentinel, and Hyper-V. Essential Job Functions: CMMC Level 2 / Cybersecurity Compliance Support CUI / FCI scoping activities, including identifying systems, users, data flows, enclaves, cloud services, endpoints, and third-party services in scope for CMMC Level 2. Maintain assessment-ready evidence mapped to NIST SP 800-171 control domains and CMMC assessment requirements in the System Security Plan (SSP). Identify, track, and remediate gaps via the Plan of Action & Milestones (POA&M). Support C3PAO third-party assessment preparation; build and maintain assessment-ready evidence packages including screenshots, configuration exports, policy references, ticket records, vulnerability scan results, audit logs, training records, and control implementation narratives. Maintain audit logging, log integrity, and SIEM operations. Conduct periodic vulnerability scans and coordinate remediation with the team. Assist in developing and enforcing security policies, procedures, and user awareness training. Ensure security-relevant changes are documented, approved, tested, and traceable through the ITSM or change management process. Microsoft Security Platform Operations Administer and tune Microsoft Sentinel — build and maintain analytics rules, workbooks, and incident response playbooks. Manage Microsoft Defender for Endpoint, Identity, and Office 365 — configure policies, investigate alerts, and drive remediation. Maintain Azure security posture including Entra ID (Azure AD), Conditional Access, PIM, and role-based access controls. Support and manage Hyper-V virtualization environments including VM provisioning, snapshots, and performance monitoring. Leverage Microsoft Purview for data classification, sensitivity labeling, and compliance reporting. Infrastructure & Systems Administration Administer and harden Windows Server, Active Directory, and Group Policy environments. Maintain network security posture including firewall rules, VLANs, and access control configurations. Maintain asset inventory, software inventory, secure configuration baselines, and change control evidence for servers, endpoints, network devices, cloud services, and security tools. Support endpoint management and patch compliance using enterprise ITSM and endpoint management tooling. Provide Tier 2/3 escalation support for security-relevant endpoint, identity, access, and infrastructure issues. Support ERP and line-of-business application integrations from an IT infrastructure and security perspective as needed. Security Operations Monitor security alerts across Microsoft Sentinel and Defender, investigate incidents, and escalate per defined IR procedures. Support DFARS 252.204-7012 cyber incident response obligations, including evidence preservation, incident documentation, escalation, and coordination with leadership and external partners. Manage privileged access, MFA enforcement, and identity governance across on-premises and cloud environments. Assist with endpoint detection and response (EDR) configuration and hardening baselines. Participate in tabletop exercises and contribute to business continuity and DR planning. Support backup, recovery, business continuity, and disaster recovery controls, including backup monitoring, restore testing, retention validation, and protection of backup data from unauthorized modification or deletion. Coordinate with external MSPs, CMMC consultants, C3PAOs, auditors, software vendors, and managed security providers to support remediation, evidence collection, and assessment readiness. Requirements Qualifications: Required 3+ years of experience in systems administration or IT infrastructure, with demonstrated hands-on security responsibilities and willingness to grow into CMMC control ownership. Demonstrated knowledge of NIST SP 800-171 or CMMC Level 2 requirements. Hands-on experience with Windows Server, Active Directory, and Group Policy. Working knowledge of Microsoft Defender (Endpoint, Identity, or O365) and Microsoft Sentinel. Familiarity with Microsoft Azure and Entra ID administration. Experience with Hyper-V or equivalent enterprise virtualization platform. Understanding of network security fundamentals: firewalls, VLANs, DNS, DHCP. Strong documentation skills — SSP/POA&M experience a significant plus. Preferred CompTIA Security+, CySA+, or SSCP certification (or actively pursuing). Microsoft certifications: SC-200, AZ-500, SC-300, SC-400 a strong plus. Familiarity with enterprise ITSM platforms and endpoint management tooling. Familiarity with DoD SPRS reporting and GRC tools. Prior experience working in a Defense Industrial Base (DIB) environment. Exposure to ERP security scoping (Infor CloudSuite or similar). Management reserves the right to assign or reassign duties and responsibilities to this job at any time. EOE, including disability/vets
Responsibilities
The role focuses on achieving and maintaining CMMC Level 2 certification by managing NIST SP 800-171 control domains and evidence. It also involves administering the Microsoft security stack and hardening hybrid infrastructure to protect CUI and FCI data.
Loading...