Logo for Red Cup IT

CMMC Security Engineer at Red Cup IT, Inc.

Red Cup IT

Roles & Responsibilities

  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • Professional certifications such as CISSP, CISM, GIAC, or CCA/CCP (CMMC-specific certifications preferred).
  • Experience supporting DoD compliance or federal contracts is highly valued.

Requirements:

  • Design, implement, and monitor security controls aligned with CMMC requirements, including access controls, encryption, endpoint protection, and secure configurations.
  • Lead vulnerability assessments, scan remediation tracking, and continuous risk management across hybrid and cloud environments.
  • Prepare for and facilitate CMMC assessments (self and third-party), maintain certification documentation (SSP, POAM), and address audit findings.
  • Collaborate with compliance managers, legal/data protection officers, and operations teams to ensure continuous alignment with NIST SP 800-171/DFARS controls.

Job description

We are looking for a CMMC Security Engineer is responsible for implementing, maintaining, and leading cybersecurity efforts to ensure compliance with the Cybersecurity Maturity Model Certification (CMMC) standards, focusing on protecting Controlled Unclassified Information (CUI) for organizations in the Defense Industrial Base (DIB).

Key Responsibilities

  • Design, implement, and monitor security controls aligned with CMMC requirements, including access controls, encryption, endpoint protection, and secure configurations.
  • Lead vulnerability assessments, scan remediation tracking, and continuous risk management across hybrid and cloud environments.
  • Support incident response, threat hunting, and forensic analysis for cybersecurity events.
  • Prepare for and facilitate CMMC assessments (self and third-party), maintain certification documentation (SSP, POA&M), and address audit findings.
  • Collaborate with compliance managers, legal/data protection officers, and operations teams to ensure continuous alignment with NIST SP 800-171/DFARS controls.
  • Oversee CMMC continuous monitoring programs and identify compliance gaps in workflows.
  • Provide security awareness training and promote a culture of cybersecurity vigilance across departments.

Required Skills

  • Deep understanding of CMMC 2.0 framework, NIST SP 800-171, and DFARS requirements.
  • Experience conducting technical assessments, vulnerability management, and implementing FedRAMP Moderate or equivalent systems for CUI.
  • Strong documentation skills for policies, procedures, and audit support.
  • Ability to communicate technical findings to both technical and non-technical stakeholders.
  • Knowledge of cloud (e.g., Azure, Microsoft 365) and on-premise security technologies.

Typical Qualifications

  • Bachelor’s degree in Information Security, Computer Science, or a related field.
  • Professional certifications such as CISSP, CISM, GIAC, or CCA/CCP (CMMC-specific certifications preferred).
  • Experience supporting DoD compliance or federal contracts is highly valued.

Job Purpose

The role ensures a secure and compliant enclave for CUI, mitigates cybersecurity risks, leads compliance projects, and prepares for third-party assessments and audits under the evolving CMMC 2.0 regulations.
Ready to apply?
APPLY
·

Security Engineer Related jobs

California (USA)Security Engineer

Other jobs at Red Cup IT

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.