Job Description

U.S. Citizenship Required. Ability to qualify for a US Department of Defense TOP SECRET security clearance required.

This position is in-person.

Toyon is looking for a highly skilled and motivated Cybersecurity Compliance Manager to join our Security team. The ideal candidate will have experience in managing cybersecurity programs in the defense industry and possess strong knowledge of the regulatory requirements of the NIST SP 800-171. The role requires hands-on technical expertise, strong analytical skills, and the ability to work well collaboratively with a team. Applicant will be responsible for security assessment readiness and ongoing compliance with NIST SP 800-171 CMMC requirements across the enterprise. The Cybersecurity Compliance Manager will work with Security and IT teams to ensure that recurring tasks, evidence collection, and reporting obligations in the System Security Plan (SSP) are completed on schedule. This work will involve hands-on configuration of systems, development of security compliance guidelines, and collaboration on system design.

Responsibilities:

• Develop, implement, and maintain the organization’s cybersecurity compliance program
• Provide guidance and direction to the IT Team in relation to cybersecurity topics, encouraging efficient practices
• Implement and validate technical security controls across systems including endpoint protection, firewalls, and audit logging mechanisms
• Conduct regular audits of the organization’s information systems to ensure all information systems meet relevant cybersecurity regulatory requirements
• Conduct host-based and network-based security assessments, including manual and automated vulnerability scanning
• Configure and maintain secure baselines for Linux and Windows systems using tools like Group Policy, Ansible, or similar configuration management platforms
• Participation in the Configuration Management Board
• Perform select technical tasks in Active Directory and Microsoft 365 to support compliance (e.g., account reviews, group policy audits, password/lockout policy checks)
• Write and maintain automation scripts to support compliance monitoring, log aggregation, and remediation workflows
• Perform log correlation and security event analysis using tools like Splunk, Elastic Stack, or similar SIEM solutions
• Assist in the creation of allowable and disallowable lists for enterprise software
• Develop detailed incident response plans in the event of a cybersecurity breach or attack
• Lead technical root cause analysis and remediation of gaps or compliance audit finding
• Support staff awareness and training initiatives to reinforce compliance responsibilities across departments
• Track subcontractor Cybersecurity compliance, and advise management on applicable subcontractor CMMC compliance flow down
• Prepare and maintain detailed documentation, including Security Plans (SSPs), Policies and Procedures, Plans of Action and Milestones (POA&Ms), and other required artifacts

Requirements

• 5+ years of experience and a bachelor’s or advanced degree in Cybersecurity, Computer Science, Computer Engineering, or a related field. Additional experience will be considered in lieu of a degree.
• Leadership experience and capacity to act as an agent of change
• Problem-solving and analytical skills
• Excellent written and verbal communication skills, with the ability to clearly articulate technical information to both technical and non-technical audiences
• Strong understanding of NIST SP 800-171, CMMC, and DoD contractor cybersecurity best practices
• Experience with compliance tracking tools, ticketing systems, and evidence management platforms
• Hands-on technical experience with Active Directory, Microsoft 365, and endpoint/server security configuration
• Proficiency in both Linux and Windows operating systems
• Experience with the configuration, security hardening, and/or troubleshooting of network hardware
• Proficiency with log management/aggregation platforms such as Splunk

WE OFFER AN EXCEPTIONAL EMPLOYEE BENEFITS PACKAGE!

• Competitive Industry Pay
• 100% Employer-Paid Medical Insurance Premium
• HSA with Employer Contributions
• Dental and Vision Coverage Options
• Paid Holidays
• Paid Vacation and Sick leave
• Company Funded 401(k) and Profit Sharing Plans
• Employee Stock Ownership Plan (ESOP)
• Life and Disability Insurance
• Paid Parental Leave
• Discretionary Bonus Eligibility

The annual pay range for the Cybersecurity Compliance Manager position is $135,000 to $185,000.

The posted pay range values provide the candidate with guidance on annual base compensation for the position, at a full time level of effort, exclusive of overtime, bonus, and benefits-related compensation, over a range of qualifications that may fit hiring objectives. Toyon Research Corporation will consider the individual candidate’s education, work experience, applicable knowledge, skills and training, among other factors, when preparing an offer of employment.

Equal Opportunity Employer including Disability and Veterans

Applicant Privacy Notice

Learn more about our company in our latest video, We are Toyon.

The application window for this posting will remain open until the position is filled.

Ref #2662-I