Hybrid in VA - Senior Information Security Analyst (CMMC - Required) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Addison Group · 5 hours ago

Hybrid in VA - Senior Information Security Analyst (CMMC - Required)

positionHerndon, VA
timeFull-time
remoteHybrid
senioritySenior Level
money$67/hr - $73/hr

Addison Group is a growing technology-focused government contractor seeking a Senior Information Security Analyst to support their compliance with CMMC Level 2 and enhance their internal security program. This role involves implementing security controls, preparing for audits, and collaborating with IT teams to ensure compliance with cybersecurity requirements.

Information TechnologyRecruitingStaffing Agency
check
Growth OpportunitiesbadNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Implement, operate, and sustain information security controls aligned to NIST SP 800 171 and CMMC Level 2
Configure and validate technical controls such as MFA logging encryption hardening and access control
Collect develop validate and organize audit evidence for internal and external assessments
Maintain and update System Security Plans SSPs POA&Ms control narratives and supporting documentation
Perform control assessments identify gaps and drive remediation through closure
Work directly with IT administrators to securely configure M365 Azure AD Entra ID Intune GPO SIEM and EDR tools
Prepare for audits respond to auditor questions and supply artifacts
Support incident investigation documentation and corrective action follow up
Serve as an Alternate ISSO for designated systems as delegated
Provide mentorship and task level guidance to junior analysts

Qualification

NIST SP 800 171CMMC Level 2Technical security operationsMicrosoft 365Audit preparationGovernment contracting experienceSecurity certificationsMentorshipIndependent work

Required

CMMC - Required
Hands on implementation of NIST SP 800 171 and CMMC Level 2 controls
Technical security operations experience including access control logging monitoring vulnerability management endpoint hardening and encryption
Experience with Microsoft 365 Azure AD Entra ID Windows security Intune GPO and SIEM EDR platforms
Audit preparation and evidence development experience
Ability to work independently in a regulated and fast moving environment
US Citizens or Green Card holders - due to government regulated work environment

Preferred

Experience in government contracting or Defense Industrial Base settings
Prior ISSO ISSM or RMF practitioner experience
Experience in GCC High or similar secure cloud environments
Familiarity with DFARS 252.204 7012 requirements
Security certifications such as CISSP CISM or CMMC RP CC P are a plus

Benefits

Medical
Dental
Vision
401(k)
Additional employer provided benefits

Company

Addison Group

twittertwittertwitter
Glassdoor4.2
company-logo
Addison Group specializes in filling company’s contract, contract-to-hire, or direct hire positions with professional candidates.
dateFounded in 1999
location
Chicago, Illinois, USA
people-size1001-5000 employees
web-link
http://www.addisongroup.com

Funding

Current Stage
Late Stage
Total Funding
unknown
Key Investors
Odyssey Investment Partners
2022-01-04Acquired
2016-12-19Private Equity

Leadership Team

leader-logo
Thomas B. Moran
CEO
linkedin

Recent News

Newswire
Addison Group, a Professional Services Leader, Releases Comprehensive 2026 Workforce Planning Guide
2025-10-07
Newswire
Addison Group Named One of the Largest Staffing Firms in the U.S. for 9th Consecutive Year
2025-07-02
Newswire
Addison Group Names Manuel Azuara as President of Its Financial Consulting Services Brands
2025-05-17
Company data provided by crunchbase