HumCap’s client is seeking an experienced IT Security Specialist to serve as the hands-on technical owner of the organization’s cybersecurity environment. This role is responsible for implementing, configuring, and administering security technologies across cloud, endpoint, identity, and network environments while ensuring compliance with regulatory and contractual security requirements. This is a highly technical, individual contributor role requiring deep, practical experience with enterprise security tools and the ability to independently evaluate, deploy, and manage cybersecurity solutions.
Key Responsibilities
Security Architecture & Tool Administration
- Evaluate, implement, and maintain cybersecurity tools to protect systems, networks, and data
- Design and support security architecture across cloud, endpoint, identity, and network environments
- Configure and administer endpoint protection, identity security, network security, and vulnerability management tools
- Integrate and support security solutions within Microsoft GCC High and hybrid environments
- Manage security monitoring, alerting, and logging infrastructure
- Administer identity platforms, including Azure AD / Microsoft Entra ID
- Implement and maintain MFA, conditional access, and privileged identity management
- Enforce least-privilege access and role-based access control
Compliance & Regulatory Security
- Implement and maintain security controls aligned with CMMC 2.0, NIST 800-171, and related frameworks
- Maintain documentation for security controls, configurations, and compliance evidence
- Support internal and third-party audits and security assessments
- Assist with system security plans (SSPs), policies, and procedures
Threat Detection & Risk Management
- Monitor security tools, logs, and alerts for suspicious activity
- Investigate and respond to security incidents and alerts
- Conduct vulnerability scans and security assessments
- Prioritize and coordinate remediation of identified vulnerabilities
- Implement system hardening and patch management practices
Security Best Practices & Continuous Improvement
- Evaluate emerging threats and recommend security improvements
- Partner with IT teams to ensure systems follow security best practices
- Support employee cybersecurity awareness initiatives
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
- 5+ years of hands-on experience in cybersecurity or information security roles
- Experience implementing and administering enterprise security technologies
- Experience working in Microsoft GCC High or government cloud environments preferred
- Experience supporting CMMC 2.0 and/or NIST 800-171 compliance preferred
- Experience in regulated or government contracting environments a plus
Technical Experience (Preferred)
- Endpoint Detection & Response (EDR)
- SIEM platforms (Microsoft Sentinel or similar)
- Vulnerability scanning and management tools
- Identity & Access Management (IAM)
- Network security tools (firewalls, IDS/IPS)
- Microsoft Defender and/or SentinelOne
- Email security and phishing protection
- Windows security configuration and system hardening
Certifications (Preferred)
- CISSP
- CISM
- CEH
- CompTIA Security+
- CMMC Registered Practitioner (RP) or related certification
