Apply on Employer Site

Ursa Major · 1 day ago

Cybersecurity Administrator II - CUI

Berthoud, CO

Full-time

Onsite

Mid, Senior Level

$94K/yr - $117K/yr

5+ years exp

Ursa Major is a company focused on revolutionizing aerospace and defense through high-performance propulsion systems. They are seeking a Cybersecurity Administrator II to oversee the cybersecurity strategy, focusing on risk mitigation for Controlled Unclassified Information (CUI) while ensuring compliance with federal regulations.

AerospaceNational SecuritySatellite CommunicationSpace Travel

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Identify and Prioritize Risks: Conduct high-level risk assessments and threat modeling specifically focused on the protection of CUI and Federal Contract Information (FCI)

Develop Mitigation Strategies: Oversee the implementation and advancement of comprehensive risk mitigation strategies to ensure data integrity and confidentiality at the CUI level

Data Flow Analysis: Work with stakeholders and external vendors to ensure risk management and CUI handling protocols are embedded in all applicable organizational processes and systems

Technical Controls: Establish and enforce advanced security policies and protocols across the organization to meet stringent federal data protection standards

Infrastructure Optimization: Manage and optimize security infrastructure, including firewalls, IDS/IPS, and SIEM systems, ensuring they are tuned to detect threats against sensitive data environments

Federal Compliance Leadership: Lead the technical implementation of compliance programs to adhere to CMMC, NIST (800-171/800-53), FISMA, and FedRAMP

Documentation & Auditing: Develop and maintain critical documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&M) specifically for CUI-governed systems

Audit Readiness: Oversee regular compliance audits and assessments, ensuring all findings related to CUI protection are addressed promptly

Directed Response: Lead the development of incident response plans and manage efforts for cybersecurity incidents, ensuring effective containment and recovery of impacted CUI assets

Post-Incident Analysis: Conduct detailed post-incident analysis to extract lessons learned and improve future risk mitigation strategies

Training and Awareness: Develop and lead cybersecurity training programs for employees and junior staff, focusing on proper CUI handling and compliance requirements

Qualification

Risk ManagementNIST SP 800-171CMMCSIEMCISSPLeadershipCommunicationMentorship

Required

Minimum of 5-7 years of experience in cybersecurity, with a heavy focus on risk management and federal data protection

An equivalent combination of a Master's degree with 1-3 years of experience, or a Bachelor's degree with 3-5 years of experience is acceptable

Extensive experience working with government contracts and a deep understanding of federal cybersecurity regulations, particularly NIST SP 800-171 and CMMC

Advanced proficiency in security technologies (SIEM, firewalls, IDS/IPS)

Strong leadership, mentorship, and communication skills to bridge the gap between technical requirements and management goals