ABOUT US

Headquartered in Sarasota, Florida, Global Ordnance is a force multiplier within the commercial (www.globalordnance.com) and defense military (www.global-ordnance.com) industries supporting a wide array of equipment, ammunition and firearms. As a Veteran Owned Small Business, Global Ordnance strives to provide excellence to our customers with unparalleled integrity. It’s important to us that our work environment reflects this core value as well. We are blessed to have an incredible core team in place, and we need more talented individuals to come aboard and help us fill new roles that will foster the exciting opportunities we have ahead of us. Among other benefits, we offer company paid (100%) medical and dental insurance for our employees and their families, and a casual office with company provided snacks, coffee & other refreshments to keep you moving!

JOB SUMMARY

This critical position is for a highly skilled and experienced Cybersecurity Engineer who will play a key role in protecting the organization’s sensitive data and systems. The ideal candidate is a proactive and detail-oriented professional with a deep understanding of cybersecurity best practices, compliance frameworks, and cutting-edge security technologies. This role requires a broad range of technical skills, including expertise in data loss prevention (DLP), SharePoint administration across multiple tenants in compliance with all regulations, cloud security (specifically within Microsoft 365 environments, including GCC High), data tagging and migration, and vulnerability management.
This individual will be responsible for working with a team implementing and maintaining robust security controls, responding to security incidents, and ensuring the organization’s compliance with relevant regulations and industry standards. The Cybersecurity Engineer will be a key contributor to strengthening our security posture, minimizing risks, and fostering a culture of security awareness.
This position requires the ability to work independently, as well as collaboratively within a team, and to effectively communicate technical concepts to both technical and non-technical stakeholders. The successful candidate will thrive in a fast-paced environment and be comfortable managing multiple priorities while maintaining a high level of accuracy and attention to detail. This role offers the opportunity to make a significant impact on the organization’s security posture and contribute to a growing and dynamic team.

QUALIFICATIONS & REQUIREMENTS

Required Qualifications:
· Candidates must meet Authorized US Persons criteria under ITAR – candidates must be either US Citizen, Lawful Permanent Resident or other certain protected authorized asylees. Additionally, qualified candidates may not be otherwise disbarred from having access to ITAR controlled information.
· Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
· Proven experience in cybersecurity engineering, preferably in a regulated industry.
· Strong understanding of cybersecurity frameworks and regulations (e.g., NIST, ISO 27001, HIPAA, etc.) and GRC tools.
· Expertise in data loss prevention (DLP) technologies.
· Extensive experience in SharePoint administration, including multi-tenant environments.
· Hands-on experience with Microsoft 365 security features.
· Experience with GCC High implementation and management is highly desirable.
· Knowledge of data tagging and classification techniques.
· Relevant degrees, skilled trades certifications or licenses preferred
· At least 10 years of relevant experience
· Experience with DoD acquisition process, and DoD contracting requirements preferred
· Demonstrated ability to build and maintain relationships with government officials, defense organizations, and industry stakeholders
· Excellent communication, negotiation, and presentation skills
· Self-starter with strong analytical and problem-solving skills
· Ability to work independently and as part of a team in a fast-paced and dynamic environment
· Willingness to travel domestically
· ISO 9001:2015 training preferred
· Proficient in the use of Microsoft Office suite (Word, Excel, Outlook, PowerPoint, and Project)
Preferred Qualifications:
· Relevant certifications (e.g., CISSP, CISM, Security+, Microsoft certifications).
· Experience with scripting languages (e.g., PowerShell, Python).
· Knowledge of cloud security best practices.
· Experience with security information and event management (SIEM) systems.

PHYSICAL DEMANDS & ABILITIES

• Ability to walk, stand, use computers, lift or excert upwards of 25lbs occasionally, 10lbs frequently.
• Regularly spend long hours sitting and using office equipment and computers
• Regularly move from sitting to standing positions effortlessly
• Occasional travel
  This job description is not intended to be all-inclusive, and employees will also perform other reasonably related business duties as assigned by immediate supervisor and other management as required.
  Global Ordnance reserves the right to revise or change job duties and descriptions as the need arises. This job description does not constitute a written or implied contract of employment. As all employment with Global Ordnance LLC is At-Will and no part of this job description constitutes any promise of continued employment or employment contract.
  Global Ordnance, LLC is an Equal Opportunity Employer and do not discriminate in recruitment, hiring, training, promotion, or other employment practices for reasons of race, color, religion, gender, sexual orientation, national origin, age, marital or veteran status, medical condition or disability, or any other legally protected status.
  Job Type: Full-time

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible spending account
• Health insurance
• Life insurance
• Paid time off
• Vision insurance

Schedule:

• 8 hour shift
• Monday to Friday

Education:

• Bachelor’s (Preferred)

Ability to Commute:

• Tampa, FL 33607 (Required)

Ability to Relocate:

• Tampa, FL 33607: Relocate before starting work (Required)

Work Location: In perso

· Cybersecurity Policy Implementation and Maintenance:

• Develop, implement, and maintain cybersecurity policies, procedures, and standards in accordance with industry best practices and regulatory requirements (e.g., NIST 800-171 Rev 3, ISO 27001,GDPR, UK Cyber Essentials, etc.).
• Ensure compliance with relevant regulations and frameworks.
• Conduct regular reviews and updates of security policies.

Data Loss Prevention (DLP):

• Design, implement, and manage DLP solutions to protect sensitive data.
• Monitor DLP alerts and investigate potential data breaches.
• Fine-tune DLP policies to minimize false positives and maximize effectiveness.
• SharePoint Administration (Multi-Tenant):
• Administer and maintain SharePoint environments across three tenants.
• Manage user access, permissions, and security settings.
• Implement and enforce security policies within SharePoint.
• Troubleshoot SharePoint related security issues.

· GCC High Tenant Implementation:

• Assist in the planning, implementation, and configuration of a new GCC High tenant.
• Ensure security best practices are followed during the migration process.
• Collaborate with other teams to integrate GCC High with existing systems.

· Data Tagging and Migration:

• Implement data tagging strategies to classify and categorize sensitive information in alignment with both best practices and compliance programs.
• Plan and execute data migration projects, ensuring data integrity and security.
• Automate data tagging and migration processes where possible.
• Automate process and workflows for secure sharing with only vetted and approved users.

· Vulnerability Management:

• Monitor security alerts and vulnerability scans.
• Analyze vulnerability reports and prioritize remediation efforts.
• Implement timely patches and fixes to address identified weaknesses.
• Track and report on vulnerability remediation progress.
• Respond to security incidents and breaches.

· Security Awareness Training:

• Contribute to the development and delivery of security awareness training programs.
• Educate employees on best practices for cybersecurity.

· Collaboration & Communication:

• Collaborate with other IT teams and business units to ensure security is integrated into all aspects of the organization.
• Communicate effectively with technical and non-technical stakeholders.
• Provide regular updates on security status and initiatives.
• Perform other work as directed by Management.