IT Security AdministratorJob Description Ducommun is a global provider of manufacturing and engineering services, developing innovative electronic, engineered and structural solutions for complex applications in aerospace, defense and industrial markets. Ducommun Incorporated is dedicated to providing the aerospace and defense industry with leading engineered products, electronic and structural manufacturing and assembly services as well as aftermarket support.
This position will play a critical role in protecting company assets that may store or process valuable company data from potential cyber-attacks and help maintain our company's reputation as a cyber-security leader, which indirectly would influence customer relationships and future contract awards.
Assessment and Evaluation of Systems:
- Assess compliance with standards such as NIST SP 800-171, CMMC.
- Establishes proactive reporting system for non-compliance, intrusion or abuse of information security procedures within classified areas and investigate and recommend corrective actions for violations to the IT Management and Security Management.
- Review current and upcoming security requirements/threats and create the necessary actions to mitigate any risks to the organization.
- Perform as a member of the IT Incident Response Team for threats and security risks to the organization. This includes interfacing with the underlying teams/individuals to formulate and apply remediation action.
Security Platform Implementation / Project Support:
- Responsible for implementation and management of various IT security platforms: Web, EPP, SIEM, etc.
- Understand and execute the standards such as NIST SP 800-171, CMMC.
- Expertise in securing desktop and server Operating Systems (Microsoft Windows) with best practices and adherence to NIST baselines.
- Serve as an SME for Security and Compliance and escalate status, issues and opportunities to the IT Security Project Manager and Change Management Board as required.
- Build and maintain cloud components specific to security, identity, and governance in multiple cloud providers.
- Support, manage, monitor, and maintain internal IT infrastructure as it relates to security
Policy and Procedure Administration:
- Responsible for administering IT Policy and Procedure based on security frameworks and guidance from CMMC, NIST and DFARS
- Provide assistance to IT team members and Performance Centers to insure compliance with applicable IT Security policies, DoD/Service specific regulations and contractual security requirements.
- Administer and implement security best practices and security guidelines for cloud technologies.
Knowledge and Awareness:
- Knowledge of network technologies/protocols and computer security concepts in large-scale enterprise technology environment.
- Identify new security platforms/tools to improve overall infrastructure security;
Other:
- Responsible for the proper handling and management of hazardous waste generated in their work area.
- Performs other duties as assigned including leading projects and participation in project committees
Skills & Qualifications Required Education and Experience Prefer Bachelor's Degree in IT or a related technical discipline.
2+ Years of IT Audit experience preferred
2+ Years of IT Security management preferred
Required Licenses / Certifications Preferred Security +
Preferred CISSP, GSEC
Required Knowledge, Skills and Capabilities Knowledge and experience with the NIST 800-171 Defense Federal Acquisition Regulation Supplement (DFARS) and the Cybersecurity Maturity Model Certification (CMMC)
Preferred Cloud Security Experience (AWS , Microsoft Office 365 )
Familiarity with PCI, SOX, NIST 800-171/53, CMMC, and FedRAMP frameworks as well as other related compliance standards on IT projects.
Proven ability to support, manage, monitor, and maintain internal IT infrastructure and backups in a hybrid cloud environment
Familiarity with network security, continuous monitoring, system auditing, and security policy development.
Good social, verbal, and written communication skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences.
Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.
Proven ability to assess and recommend IT processes and policies
Experience supporting IT initiatives to assess and implement new technologies
Thorough understanding of interconnected systems, their security architecture design and
operational support.
Equal Opportunity Employer
Veterans/Disabled
600 Anton Blvd, Suite 1100
Costa Mesa, California, 92626
United States
Base
Compensation: USD 75 000.00 Paid Salaried