Logo for Red Cup IT

CMMC Security Engineer at Red Cup IT, Inc.

Role overview

Qualifications

  • Deep understanding of CMMC 2.0 framework, NIST SP 800-171, and DFARS requirements.
  • Experience conducting technical assessments, vulnerability management, and implementing FedRAMP Moderate or equivalent systems for CUI.
  • Strong documentation skills for policies, procedures, and audit support.
  • Bachelor’s degree in Information Security, Computer Science, or a related field.

Responsibilities

  • Design, implement, and monitor security controls aligned with CMMC requirements.
  • Lead vulnerability assessments, scan remediation tracking, and continuous risk management.
  • Support incident response, threat hunting, and forensic analysis for cybersecurity events.
  • Prepare and facilitate CMMC assessments and maintain certification documentation.

About the company

Red Cup IT logo

Red Cup IT

Computer Hardware & Networking

Red Cup IT is an enterprise-grade IT firm that provides MSP, MSSP, Project Delivery, and Skill Augmentation solutions. We have been in business for twelve years and support clients across the United States. Our hallmark is the delivery of skillsets in more than 100 IT solutions and SaaS applications. Red Cup IT’s technical staff constantly cross-train across their specializations. Our company culture is unusual for firms of our nature. We strongly believe in IT skill transfer and knowledge sharing. Our customers’ business and IT leaders appreciate that we take care of the technical details so that they can focus on their strategic and business missions. Our end users appreciate the white glove support we provide. We focus on vendor relationship development and know how to get the most out of our partnerships on behalf of our clients.

Company details

Company typeSME
IndustryComputer Hardware & Networking
Company size11 - 50

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

We are looking for a CMMC Security Engineer is responsible for implementing, maintaining, and leading cybersecurity efforts to ensure compliance with the Cybersecurity Maturity Model Certification (CMMC) standards, focusing on protecting Controlled Unclassified Information (CUI) for organizations in the Defense Industrial Base (DIB).

Key Responsibilities

  • Design, implement, and monitor security controls aligned with CMMC requirements, including access controls, encryption, endpoint protection, and secure configurations.
  • Lead vulnerability assessments, scan remediation tracking, and continuous risk management across hybrid and cloud environments.
  • Support incident response, threat hunting, and forensic analysis for cybersecurity events.
  • Prepare for and facilitate CMMC assessments (self and third-party), maintain certification documentation (SSP, POA&M), and address audit findings.
  • Collaborate with compliance managers, legal/data protection officers, and operations teams to ensure continuous alignment with NIST SP 800-171/DFARS controls.
  • Oversee CMMC continuous monitoring programs and identify compliance gaps in workflows.
  • Provide security awareness training and promote a culture of cybersecurity vigilance across departments.

Required Skills

  • Deep understanding of CMMC 2.0 framework, NIST SP 800-171, and DFARS requirements.
  • Experience conducting technical assessments, vulnerability management, and implementing FedRAMP Moderate or equivalent systems for CUI.
  • Strong documentation skills for policies, procedures, and audit support.
  • Ability to communicate technical findings to both technical and non-technical stakeholders.
  • Knowledge of cloud (e.g., Azure, Microsoft 365) and on-premise security technologies.

Typical Qualifications

  • Bachelor’s degree in Information Security, Computer Science, or a related field.
  • Professional certifications such as CISSP, CISM, GIAC, or CCA/CCP (CMMC-specific certifications preferred).
  • Experience supporting DoD compliance or federal contracts is highly valued.

Job Purpose

The role ensures a secure and compliant enclave for CUI, mitigates cybersecurity risks, leads compliance projects, and prepares for third-party assessments and audits under the evolving CMMC 2.0 regulations.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Security Engineer Related jobs

Other jobs at Red Cup IT

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.