Information System Security Officer (CMMC Compliance)

The Opportunity:

Under general supervision, develop and execute security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems. Maintain hardware, software, and network firewalls and encryption protocols. Administer cybersecurity policies to control physical and virtual access to systems. Perform network security audits and testing, evaluate system security configurations for efficacy and compliance, conduct penetration testing and vulnerability assessments, and provide management with information on the impact of security incidents.

THE OPPORTUNITY:

NuSil seeks an Information System Security Officer to develop & administer a CMMC-compliant information systems security program supporting our high-performance silicones business serving the Aerospace & Defense industries.

WHAT WE'RE LOOKING FOR (EDUCATION): Bachelor's degree with three years of relevant experience or additional work experience in lieu of a degree.

CERTIFICATIONS: CCP, CCA, CISSP, CISM, or CISA preferred.

EXPERIENCE: Knowledge of CMMC and NIST SP 800-171, compliance assessment, and risk management. Familiarity with NISPOM and DFARS is a plus.

MINIMUM REQUIREMENTS:

• Must be a US Citizen with an active U.S. Government security clearance.
• Bachelor's degree in a related field with three years of relevant experience.
• Understanding of secure information system design, implementation, and maintenance. Knowledge of monitoring and risk assessment practices.
• Excellent communication and interpersonal skills for collaboration with various stakeholders.

PREFERRED QUALIFICATIONS: Extensive experience with NIST SP 800-171, CMMC, SSP, POA&M, CUI data protection, and relevant certifications. Ability to obtain and maintain a Secret-level clearance and SAP approval. Knowledge of NISPOM and DFARS. Strong analytical, problem-solving, and leadership skills. Ability to work independently and in teams, adapt to fast-paced environments, and foster positive relationships.

MAJOR JOB DUTIES & RESPONSIBILITIES:

• Manage CMMC compliance, including policies, controls, audits, and assessments.
• Maintain and update the System Security Plan (SSP).
• Develop and track Plan of Action & Milestones (POA&M).
• Implement cybersecurity risk management strategies and controls.
• Protect CUI through access controls, encryption, and monitoring.
• Support continuous monitoring and incident response.
• Promote security awareness and training.
• Guide classification markings for sensitive data.
• Perform other related duties as needed.

Disclaimer: The above describes the general responsibilities and is not exhaustive. Avantor is an equal opportunity employer.

Why Avantor?

Join a global team committed to impactful science, career growth, and an inclusive culture. Our work changes lives, from medical treatments to medical devices, offering numerous opportunities for growth and contribution.

Pay Range: $85,000 - $141,600 pre-tax, depending on experience and location.

EEO Statement: We are an equal opportunity employer and VEVRAA Federal Contractor. We do not discriminate on protected characteristics. Reasonable accommodations are available upon request via recruiting@avantorsciences.com.