IT/ Security Compliance Officer

Andercorp, LLC
Gulfport, United States of America
9 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Gulfport, United States of America

Tech stack

Computer Security
Information Systems
Digital Assets
Multi-Factor Authentication
Information Systems Security Architecture Professional
Network Segmentation
Software Vulnerability Management
Data Logging
Information Security Management System
Information Technology
Data Management
Plan of Action and Milestones

Job description

AnderCorp is seeking an experienced and proactive IT/Security Compliance Officer to lead the development, implementation, and oversight of the company's information technology security, data protection, and regulatory compliance programs. This role is critical to supporting our continued growth in the federal contracting space while maintaining best practices for private sector projects. The IT/Security Compliance Officer will manage compliance with federal cybersecurity requirements such as CMMC, NIST SP 800-171, and DFARS, while ensuring that IT systems, networks, and data-handling practices meet the standards required to safeguard Controlled Unclassified Information (CUI) across the enterprise.

Key Role Responsibilities

Federal Compliance

  • Lead and maintain compliance efforts for CMMC Level 1/2, SPRS score submission, DFARS 252.204-7012, and NIST SP 800-171.
  • Develop and maintain a compliant System Security Plan (SSP), Plan of Action and Milestones (POA&M), and all related cybersecurity documentation.
  • Coordinate with IT, legal, and operations to ensure contract-specific security requirements are implemented and maintained.
  • Prepare the organization for and oversee internal and third-party (C3PAO) security assessments and audits.

IT Security & Risk Management

  • Establish, enforce, and continuously improve cybersecurity and physical security standards for field offices, project sites, and headquarters.
  • Oversee technical safeguards, including access control, multi-factor authentication, endpoint protection, encryption, logging, and network segmentation in support of CUI protection.
  • Manage security awareness training for employees, subcontractors, and stakeholders-tailored for federal versus private sector contexts.
  • Monitor and maintain risk management protocols, including incident response, breach reporting, vulnerability management, and insider threat mitigation.

Private Sector & Corporate Compliance

  • Ensure adherence to internal policies, insurance requirements, and client-specific risk control measures for negotiated work.
  • Maintain compliance with applicable local, state, and industry-specific regulatory standards.
  • Support contract review processes to assess compliance risks and recommend mitigation strategies.

Document & Communication

  • Create and maintain policy manuals, SOPs, employee handbooks, and training documentation related to IT security and compliance.
  • Serve as primary liaison for security-related inquiries from contracting officers, auditors, and clients.
  • Provide regular reports to executive leadership on compliance status, risk posture, and areas for improvement.

Requirements

  • Bachelor's degree in Cybersecurity, Information Systems, Information Technology, Business Administration, or a related field.
  • Minimum 5 years of experience in IT security, compliance, or risk management roles.
  • Familiarity with federal acquisition regulations (FAR, DFARS) and CMMC/NIST frameworks.
  • Strong working knowledge of data protection laws and best practices for physical and digital asset security.

Desired

  • Background in and demonstrated working knowledge of the Cybersecurity Maturity Model Certification (CMMC) program, including CMMC Level 1 and Level 2 requirements, assessment preparation, and ongoing compliance maintenance.
  • Hands-on experience implementing and assessing NIST SP 800-171 controls and supporting CMMC readiness for a defense or federal contractor.
  • Experience working in or with federal construction / general contracting firms.
  • Certified CMMC Professional (CCP) or Certified CMMC Assessor (CCA); Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
  • Experience conducting or managing third-party security audits and assessments.

Soft Skills

  • Strong organizational and documentation skills.
  • Excellent written and verbal communication for interfacing with technical and non-technical stakeholders.
  • Proactive, self-motivated, and capable of operating independently in a fast-paced, multi-project environment.

Benefits & conditions

Pulled from the full job description

  • Paid training
  • 401(k) matching
  • Paid time off
  • Vision insurance
  • Paid holidays, * Competitive salary based on experience
  • Health, dental, and vision insurance
  • 401(k) with employer match
  • PTO and paid holidays
  • Training and certification reimbursement

Apply for this position