Cybersecurity Manager

Apogee Solutions, a Woman-Owned Small Business, is seeking a Cybersecurity Manager to support our corporate Cybersecurity Maturity Model Certification (CMMC) program in Chesapeake, VA. Qualified candidates must be a U.S. Citizen capable of receiving a DOD Top Secret clearance.

The Cybersecurity Manager is responsible for managing, administering, and coordinating Apogee Solutions' CMMC Cybersecurity Program. Apogee Solutions has achieved a CMMC Level 2 Certification via assessment by a Certified Third-Party Assessment Organization (C3PAO). This role is critical in ensuring the security of Controlled Unclassified Information (CUI), Federal Contract Information (FCI), Covered Defense Information (CDI), Controlled Technical Information (CTI), and International Traffic in Arms Regulations (ITAR) Data, safeguarding Apogee Solutions' Department of Defense (DoD) portfolio. The Cybersecurity Manager will be responsible for developing, implementing, and managing a secure and compliant enclave for CUI, FCI, CDI, CTI, and ITAR data, ensuring adherence to federal cybersecurity regulations.

The Cybersecurity Manager will :

• Oversee the CMMC compliance program, including gap analysis, certification, and continuous monitoring.
• Maintain cybersecurity posture at Cybersecurity Maturity Model Certification (CMMC) Level 2 with all 110 security controls across 14 domains.
• Ensure full incorporation of cybersecurity standards in accordance with DFARS 252.204-7021, Cybersecurity Maturity Model Certification Requirements
• Maintain cybersecurity compliance with National Institutes of Standards (NIST) Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations., and NIST SP 800-173, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations.
• Ensure compliance management, continuous monitoring, and facilitating projects to drive long-term evolution of security environment.
• Oversee the lifecycle management of the full CMMC program, including developing and maintaining essential documentation, including the System Security Plan (SSP) and mitigation and reporting of security / cyber related incidents.
• Create, implement, and maintain company-wide security policies and procedures that translate CMMC requirements into actionable practices.
• Manage and lead the response for all internal and external CMMC audits and assessments by preparing for and conducting cybersecurity readiness inspection, self-inspections, and audits.
• Oversee management of IT security policies as related to IT solutions and configuration.
• Conduct risk assessments and oversee the vulnerability management lifecycle for the CUI, FCI, CDI, CTI, and ITAR environments.
• Regularly conduct internal audits to assess the effectiveness of security controls and provide reports and briefings on program status, risks, and milestones to company leadership.
• Nurture external and internal customer relationships, developing cyber security and information security programs, and deliver high quality site and systems security plans.
• Provide key security support to geographically dispersed company employees.
• As needed, design and develop Information Assurance (IA) or IA-enabled products, interface specifications, and approaches to secure the environment.
• Lead / support quarterly Federal Information Security Management Act audits.

Required Experience :

Skills & Requirements Qualifications Apogee Solutions is an Equal Opportunity and Affirmative Action Employer. We welcome and encourage diversity in our workforce.

Apogee Solutions provides equal employment opportunity to all employees and qualified applicants without regard to race, color, religion, national origin, sex, age, disability, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected characteristic under federal, state or local laws.

Apogee Solutions proudly supports a culture of inclusion that encourages a work environment that honors diverse opinions. Employees can flourish here : they know their individual skills, abilities and viewpoints are honored. Our diverse business is united by a common goal of being the best in the business, delivering value, and being a good corporate citizen in each of the communities where we do business