Information Technology Security Administrator
About the role
The IT Systems Security Administrator at Loft Federal will implement, maintain, and secure our on-premises and cloud infrastructure. This includes configuring and hardening endpoints, servers, and networks, administering cloud environments, implementing MDM policies, enforcing IAM controls, managing network security, and ensuring compliance with CMMC 2.0 (Level 2) and NIST SP 800-171.
Responsibilities
- Configure and harden Windows/Linux endpoints, servers, and networks according to industry standards (e.g., CIS Benchmarks or DISA STIGs) to satisfy NIST/CMMC technical controls.
- Administer and secure cloud environments, specifically managing secure configurations in Microsoft 365 GCC High, Google GCP, and/or AWS Gov cloud environments.
- Implement and manage robust Mobile Device Management (MDM) policies using Microsoft Intune or equivalent tools.
- Implement and enforce strict Identity and Access Management (IAM) controls, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and conditional access policies.
- Configure and manage corporate network security, including firewalls, secure Wi-Fi, VPNs, and Network Access Control (NAC).
- Configure, fine-tune, and monitor security tools, including Endpoint Detection & Response (EDR) and SIEM logs.
- Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan.
- Assist in investigations of computer security violations and incidents, reporting as necessary to the appropriate parties.
- Auxiliary in the technical vulnerability management lifecycle: execute regular vulnerability scans, analyze results, prioritize, and deploy patches across all systems.
- Participate in threat, vulnerability, and risk assessments to implement effective security changes across the business.
- Collaborate closely with the DevSecOps team to enforce and maintain NIST/CMMC compliance across our software development infrastructure, CI/CD pipelines, and application deployments.
Requirements
- Experience: 5+ years of hands-on experience in Systems Administration with a heavy focus on IT security.
- Citizenship: U.S. Citizenship is required due to federal contracting compliance and data handling requirements.
- Active DoD Secret clearance is required.
- The ability to obtain and maintain a Top Secret / Sensitive Compartmented Information (TS/SCI) clearance is required.
Nice to Haves
- Bachelor’s degree in information technology or a related field.
- Experience with NIST 800-37, 800-53
- IAT Level II Certification: Security+ CE, CCNA Security
- Additional hands-on technical certifications (e.g., Azure Security Engineer Associate, CySA+, or Network+).
- Demonstrated problem-solving and analytical abilities.
- Familiarity with current cybersecurity threats and mitigation strategies.
- Ability to work collaboratively with cross-functional teams.
Qualifications
- Must have a Top Secret / Sensitive Compartmented Information (TS/SCI) clearance.
Skills
- Hands-on experience in Systems Administration with a focus on IT security.
- Experience with cloud environments, specifically Microsoft 365 GCC High, Google GCP, and/or AWS Gov.
- Experience with Mobile Device Management (MDM) policies and tools like Microsoft Intune.
- Experience with Identity and Access Management (IAM) controls, including MFA, SSO, and conditional access policies.
- Experience with network security, including firewalls, secure Wi-Fi, VPNs, and Network Access Control (NAC).
- Experience with security tools such as Endpoint Detection & Response (EDR) and SIEM logs.
- Experience with vulnerability management and threat, vulnerability, and risk assessments.
- Experience with DevSecOps and NIST/CMMC compliance.
Benefits
Loft Federal offers a competitive salary range of $115,000 - $145,000 USD, along with a comprehensive benefits package that includes health insurance, retirement plans, and paid time off.
Pay
$115,000 - $145,000 USD
Schedule
Full-time
Accessibility & Accommodations
If you require a reasonable accommodation due to a disability when applying for an open position, please contact us at recruiting@loftfederal.com for assistance.
Equal Employment Opportunity & Affirmative Action
We consider all qualified applicants for employment without regard to race, color, age, religion, sex, gender identity or expression, sexual orientation, marital status, national origin, ancestry, veteran status, genetic information, disability, pregnancy, or any other legally protected status.
Third-Party Recruiters & Agencies
No outside recruiters, please. Loft Federal does not accept unsolicited resumes from headhunters, staffing agencies, or third-party recruiters. We will not pay fees for candidates submitted without a signed agreement in place.