II. ROLE
The Security Operations Administrator is responsible for the administration, monitoringthe organization's cybersecurity operations, security technologies, and compliance programs. This role supports the implementation and maintenance of Cybersecurity Maturity Model Certification (CMMC) Level 2 requirements, NIST SP 800-171 controls, and cybersecurity best practices to protect Controlled Unclassified Information (CUI), business systems, manufacturing operations, and corporate assets.
The incumbent operates and maintains security technologies, supports incident response and vulnerability management activities, and ensures security controls remain effective, compliant, and aligned with business objectives. Working closely with IT Infrastructure, Operations, Engineering, and Corporate Security teams, the Security Operations Administrator helps strengthen the organization's security posture while supporting audit readiness and regulatory compliance.
III. MISSIONS AND RESPONSIBILITIES
CMMC Compliance & Security Governance
- Support the implementation, execution, and continuous improvement of CMMC Level 2 and NIST SP 800-171 security controls.
- Maintain compliance documentation including:
- System Security Plans (SSP)
- Plans of Action and Milestones (POA&M)
- Policies, procedures, and standards
- Risk assessments and security evidence
- Monitor and track remediation activities to ensure timely closure of identified gaps.
- Assist with control assessments, gap analyses, and readiness reviews.
- Support governance, risk, and compliance initiatives.
Security Operations
- Operate, administer, and continuously optimize cybersecurity technologies including:
- Security Information and Event Management (SIEM)
- Endpoint Detection and Response (EDR/XDR)
- Security Orchestration, Automation, and Response (SOAR)
- Identity and Access Management (IAM)
- Multifactor Authentication (MFA)
- Security Email Gateways (SEG)
- Vulnerability Management Platforms
- Network Security Technologies
- Monitor and investigate security alerts, suspicious activity, and threat indicators.
- Analyze logs, events, configurations, and security telemetry to identify and respond to security threats.
- Escalate confirmed threats and security incidents according to established procedures.
- Support implementation of secure configurations and system hardening practices based on industry standards and organizational requirements.
- Maintain operational security monitoring and reporting capabilities.
Incident Detection & Response
- Participate in cybersecurity incident detection, triage, investigation, containment, eradication, recovery, and post-incident review activities.
- Coordinate security incident response activities involving regulated data and CUI.
- Ensure incidents are documented, tracked, reported, and investigated in accordance with established policies and procedures.
- Support forensic evidence preservation and investigation activities when required.
- Contribute to incident lessons learned and continuous improvement initiatives.
- Participate in cybersecurity exercises, testing, and tabletop simulations.
Vulnerability Management
- Operate and support the vulnerability management lifecycle, including:
- Identification
- Assessment
- Prioritization
- Remediation
- Validation and closure
- Conduct vulnerability assessments and track remediation activities.
- Collaborate with IT teams to ensure vulnerabilities are addressed within established service-level targets.
- Validate remediation effectiveness and report risk status to management.
- Support penetration testing and security assessment initiatives.
Documentation & Audit Readiness
- Maintain accurate, current, and audit-ready cybersecurity documentation.
- Collect, organize, and maintain security evidence including:
- System configurations
- Security logs
- Screenshots
- Technical procedures
- Assessment artifacts
- Support internal audits, external audits, customer assessments, and certification activities.
- Assist with audit findings, corrective actions, and remediation plans.
- Ensure documentation accurately reflects implemented controls and operational practices.
Collaboration & Security Awareness
- Work closely with IT, Infrastructure, Engineering, Operations, and Group Security teams.
- Support the secure implementation of new applications, infrastructure, and technology changes.
- Provide cybersecurity guidance during projects and change management activities.
- Contribute to cybersecurity awareness and training initiatives.
- Promote a strong culture of security, compliance, and risk awareness across the organization.
SAFETY, COMPLIANCE & GOVERNANCE
- Comply with all company health, safety, environmental, cybersecurity, and information protection policies and procedures.
- Support governance frameworks related to cybersecurity, risk management, and regulatory compliance.
- Safeguard confidential, proprietary, and Controlled Unclassified Information (CUI).
- Maintain accurate records and documentation to support auditability and compliance.
- Participate in internal and external audits and implement corrective actions as required.
- Promote ethical conduct, confidentiality, and responsible stewardship of company assets and information.
IV. KEY PERFORMANCE INDICATORS (KPIs)
Security Operations
- Mean Time to Detect (MTTD) security incidents.
- Mean Time to Respond (MTTR) to security incidents.
- Security alert investigation and response effectiveness.
- Security incident closure rates.
Vulnerability Management
- Percentage of critical vulnerabilities remediated within established timelines.
- Vulnerability remediation SLA compliance.
- Reduction of recurring vulnerabilities and identified risks.
Compliance & Audit
- CMMC and NIST 800-171 control compliance status.
- Audit readiness and assessment outcomes.
- Number of audit findings and timely closure rates.
- Completion of remediation plans and corrective actions.
Operational Excellence
- Accuracy and completeness of security documentation.
- Security tool availability and effectiveness.
- Stakeholder satisfaction with cybersecurity services and support.
V. AUTHORITY
- Administer and maintain cybersecurity systems, tools, and security controls within approved governance frameworks.
- Recommend cybersecurity improvements, risk mitigation measures, and corrective actions.
- Escalate cybersecurity risks, incidents, vulnerabilities, and compliance concerns to management.
- Coordinate remediation activities with technical teams and vendors.
- Initiate approved containment actions during active security incidents.
- Restrict or suspend system access when required to protect company assets and information, in accordance with approved procedures.
VI. REQUIREMENTS
Mandatory
Education
- Bachelor's Degree or Diploma in Cybersecurity, Information Technology, Computer Science, Information Security, or a related discipline.
- Equivalent combinations of education, training, and relevant experience may be considered.
Experience
- Minimum 3–5 years of experience in Cybersecurity Operations, Security Administration, Security Operations Center (SOC), Systems Administration, or related cybersecurity roles.
- Experience operating and supporting enterprise security technologies and security monitoring functions.
- Experience with vulnerability management, incident response, and security operations processes.
- Experience supporting compliance frameworks such as CMMC, NIST SP 800-171, NIST Cybersecurity Framework (CSF), ISO 27001, or similar standards.
Technical Skills
- Experience operating and administering:
- Security Information and Event Management (SIEM) platforms
- Endpoint Detection and Response (EDR/XDR) solutions
- Identity and Access Management (IAM) systems
- Vulnerability Management platforms
- Security Email Gateways (SEG)
- Security Orchestration, Automation, and Response (SOAR) platforms
- Ability to analyze:
- Security logs
- Alerts and events
- System configurations
- Security incidents
- Threat intelligence indicators
- Strong knowledge of network environments and security technologies, including:
- Switching technologies (copper, fiber, and wireless/Wi-Fi)
- Static and dynamic routing
- Firewall administration and security policies
- VPN technologies, including SSL VPN and IPsec VPN
- Network segmentation and secure communications
- Proficiency with Windows and Linux operating systems.
- Strong understanding of enterprise information systems and cybersecurity principles.
- Working knowledge of Active Directory, Entra ID (Azure AD), and modern identity security concepts.
- Good understanding of organizational operations, business processes, and information security risks.
Soft Skills
- Strong organizational skills with exceptional attention to detail.
- Curious mindset with a commitment to continuous learning and professional development.
- Strong analytical and problem-solving abilities.
- Ability to work independently while collaborating effectively across multiple teams.
- Excellent verbal and written communication skills.
- Ability to explain technical concepts to both technical and non-technical stakeholders.
- Strong sense of accountability, professionalism, and ownership.
- Ability to manage multiple priorities in a fast-paced environment.
Preferred
- Experience supporting CMMC Level 2 certification readiness and assessments.
- Experience handling or protecting Controlled Unclassified Information (CUI).
- Experience within manufacturing, aerospace, defense, or other highly regulated industries.
- Experience with cloud security technologies in Azure and/or AWS environments.
- Experience with security automation and orchestration initiatives.
VII. GENERAL RESPONSIBILITIES
- Demonstrate the organization's values through safety, integrity, accountability, collaboration, and continuous improvement.
- Develop and maintain positive working relationships with employees, contractors, vendors, auditors, and external stakeholders.
- Maintain awareness of emerging cybersecurity threats, technologies, vulnerabilities, and regulatory requirements.
- Participate in training, professional development, and certification activities.
- Support business continuity, disaster recovery, and operational resilience initiatives.
- Identify opportunities to improve cybersecurity effectiveness, efficiency, and automation.
- Foster a culture of security awareness and risk management throughout the organization.
- Perform other duties and responsibilities consistent with the scope and level of the position as assigned.
Pay: From $100,000.00 per year
Benefits:
Work Location: In person