Back to Jobs
G
Genco

Cybersecurity & Compliance Specialist Level 2

Puerto Rico, United States·Posted 1 month ago
On-siteFULL TIME$50,000 – $60,000MID

About the job

Hybrid/Remote 

Position Overview

The Cybersecurity & Compliance Specialist will be responsible for designing, implementing, and maintaining the company’s cybersecurity program, with a primary focus on continuous compliance with CMMC Level 2 requirements. This role owns the cybersecurity compliance program and ensures the organization remains audit-ready at all times through active controls, updated documentation, and risk mitigation.

Key Responsibilities

1. CMMC Level 2 Compliance (Primary Responsibility)
 - Implement and maintain the 110 security controls based on NIST 800-171.
 - Maintain all required compliance documentation, including:
 - System Security Plan (SSP)
 - Policies & Procedures
 - POA&M (Plan of Action & Milestones)
 - Ensure continuous compliance readiness.
 - Lead internal and external audits.
 - Serve as the primary point of contact for auditors and cybersecurity consultants.
 
 2. Cybersecurity Management
 - Develop and implement security policies related to:
 - Access control
 - Controlled Unclassified Information (CUI)
 - Endpoint protection
 - Monitor threats, vulnerabilities, and incidents.
 - Implement and maintain:
 - Multi-Factor Authentication (MFA)
 - Conditional Access Policies
 - Data Loss Prevention (DLP)
 - Manage incident response activities, including detection, containment, and documentation.
 
 3. Microsoft 365 Security Administration
 - Advanced administration of:
 - Microsoft Entra ID (Azure AD)
 - Intune
 - Microsoft Defender
 - Security & Compliance Center
 - Manage identities, roles, and permissions.
 - Monitor and respond to security alerts.
 - Harden the Microsoft 365 environment according to CMMC requirements.
 
 4. Governance & Documentation
 - Document all cybersecurity processes and controls.
 - Maintain organized audit evidence and records.
 - Update policies and procedures based on regulatory changes.
 - Ensure traceability of actions, decisions, and remediation efforts.
 
 5. Coordination with IT Support (Separate Function)
 - Define cybersecurity requirements for technical implementations.
 - Validate that IT configurations comply with CMMC standards.

- This position will support but will not be responsible for:
 - Daily help desk support
 - General IT troubleshooting
 
 6. Security Awareness & Training
 - Conduct employee cybersecurity awareness training.
 - Lead phishing awareness and data handling initiatives.
 - Promote a strong cybersecurity culture across the organization.


Monday - Friday
40 hours
About the Company
G
Genco
1 open position
View all jobs →
Cybersecurity & Compliance Specialist Level 2 at Genco | Job Board