Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Cybersecurity & Compliance Specialist (CMMC 2.0)

$140k - $175k

Xcimer-Energy

Xcimer Energy leverages decades of research on Inertial Fusion Energy (IFE) combined with groundbreaking new laser architecture. Our mission is to deploy fusion power plants to meet global decarbonization goals as fast as possible. Xcimer has assembled a team of leaders in tough tech, fusion science, and manufacturing with a track record of rapid execution. Supported by leading investors, Xcimer is uniquely positioned to deliver limitless, clean, fusion power to combat climate change. As Cybersecurity & Compliance Administrator, you will operate and continuously improve Xcimer’s security, compliance, and data privacy posture while the company continues to scale, and support U.S. defense‑related work. This is a hands‑on individual contributor role responsible for day‑to‑day security operations, CMMC 2.0 Level 2 compliance execution, and establishment of a defensible data privacy program appropriate for a high‑value and high‑visibility target. We are looking for our members to apply their technical expertise, problem solving skills, and dedication to quality to positively impact the future of energy! Responsibilities Microsoft Purview Administration (Compliance & Data Governance) Configure and manage Purview capabilities to support compliance objectives, including data classification and labeling, data loss prevention (DLP), retention and deletion policies, eDiscovery workflows, and compliance reporting. Develop and maintain Purview‑derived compliance artifacts and evidence outputs to support assessments, audits, due diligence, and continuous monitoring aligned to CMMC 2.0 Level 2 and NIST SP 800‑171. Define and operate data retention and deletion procedures, integrating with Purview retention controls where appropriate Microsoft Defender Administration (Threat Protection & Security Operations) Configure, tune, and operate Microsoft Defender security controls across identity, endpoints, email/collaboration, and cloud applications, consistent with licensing and compliance scope. Monitor alerts, investigate suspicious activity, and drive remediation actions; reducing noise through continuous tuning and improvements. Establish and maintain detection and response playbooks, including alert triage, escalation paths, documentation requirements, and post‑incident follow‑up. Incident Response & Threat Prevention Own and maintain the Security Incident Response Plan, including severity definitions, roles and responsibilities, evidence handling, escalation paths, and internal/external communication procedures. Lead security incident response from identification through containment, eradication, recovery, and lessons learned. Perform root‑cause analysis and coordinate corrective actions with IT administrative staff and relevant stakeholders. Proactively implement threat prevention measures: hardening, secure configuration baselines, conditional access/MFA enforcement support, and policy‑driven risk reduction. Maintain an incident register covering actual, attempted, and suspected security incidents (including phishing attempts), investigations performed, and outcomes. Compliance Enablement (CMMC L2 / NIST Controls) Maintain the System Security Plan (SSP) and Plan of Actions & Milestones (POA&M) for in‑scope systems, ensuring clear implementation statements, ownership, and evidence references. Support definition and maintenance of the CUI boundary, including systems, users, endpoints, networks, and data flows. Translate CMMC and NIST control requirements into concrete configurations, procedures, and ongoing monitoring activities across Microsoft 365, on‑prem infrastructure, and restricted or air‑gapped environments. Collect, organize, and maintain audit‑ready evidence to support internal assessments, customer diligence, and third‑party assessments. Define and maintain a centralized logging strategy (SIEM) spanning cloud and on‑prem environments, including ingestion of logs from identity systems, endpoints, email, servers, firewalls, VPNs, and IDS/IPS platforms. On‑Prem & Air‑Gapped Security Establish and operate secure data transfer procedures for air‑gapped and restricted environments, including removable media governance, integrity validation, malware scanning, and chain‑of‑custody documentation. Partner with Network Architecture to design and maintain secure monitoring architectures for restricted and air‑gapped environments, including TAP/SPAN placement, IDS deployment, and segmentation alignment with OT/ICS security best practices Security Engineering & Integrations Support integrations between cloud‑based services and the Microsoft security/compliance ecosystem (e.g., log sources, alerting, ticketing workflows, SSO/identity integrations). Contribute to automation where appropriate (e.g., scheduled scripts, workflows, or playbook‑style response actions). Cross‑Functional Collaboration & Communication Work closely with IT and engineering teams to ensure smooth operations and secure‑by‑default practices. Document, categorize, and prioritize security issues to ensure efficient escalation and resolution. Enforce approved security, compliance, and privacy policies and contribute to ongoing policy development and improvement. Collaborate with Network Architecture on secure network design, segmentation strategy, and enforcement controls including firewall policy, IDS/IPS, and Zero Trust network principles. Implement privacy impact assessments (PIAs) for new systems or processes involving personal data. Partner with Legal and HR to document the company’s GDPR and CCPA applicability position, including the basis where such laws do not apply. Support inclusion of appropriate data privacy and security terms in third‑party contracts and service agreements. Qualifications Education: Bachelor’s degree (or equivalent practical experience) in information technology, cybersecurity, information systems, or related field. Experience: 7+ years of experience in security administration, security operations, compliance operations, or adjacent IT roles with direct security responsibility. Demonstrated hands‑on experience administering Microsoft 365 security and compliance services, including Microsoft Purview and Microsoft Defender in an enterprise environment. Proven background in security incident response, investigation, and documentation in regulated or high‑risk environments. Working knowledge of system security best practices, access control, secure configuration, and audit logging. Strong written and verbal communication skills; able to translate technical security risk into clear, actionable steps and documentation. Comfortable operating as a self‑directed individual contributor in a fast‑paced and evolving environment. Excellent technical and interpersonal communication skills; able to translate security risk into actionable steps. Comfortable in a fast‑paced, dynamic, and ambiguous environment. Positive attitude, strong ownership mindset, strong professional judgement and ability to earn trust and maintain professional relationships. Must be a U.S. citizen or national, U.S. permanent resident (current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum. Desired Direct experience implementing or operating CMMC Level 2 and/or NIST SP 800‑171 controls, including evidence collection and assessment preparation. Experience with centralized logging or SIEM platforms and detection playbook development. Experience with cloud‑based service integrations (webhooks/REST APIs) and security‑relevant automation. Experience with security‑related scripting/automation practices and languages (Python, JavaScript, Ansible, SOAR‑style workflows etc.). Familiarity with hybrid cloud and on‑prem infrastructure in regulated environments, including air‑gapped networks. $140,000 - $175,000 a year Candidates may be considered for other positions at Xcimer Energy, and our actual base salary will be determined on an individual basis and may vary based on job‑related knowledge and skills, education, and experience. The range is published in accordance with Colorado Equal Pay for Equal Work Act and California Equal Pay Act. Equal Employment Opportunity Xcimer Energy is proud to be an Equal Opportunity/Affirmative Action Employer and is committed to attracting, retaining, and developing a highly qualified, diverse, and dedicated workforce. Xcimer Energy hires and promotes people on the basis of their qualifications, performance, and abilities. We support the establishment and maintenance of a workplace that fosters trust, equality, and teamwork, in which all employees recognize and appreciate the diversity of individual team members. We provide all qualified applicants for employment and employees with equal opportunities for hire, promotion, and other terms and conditions of employment, regardless of their race, color, religion, gender, sexual orientation, gender identity, national origin/ethnicity, age, physical or mental disability, genetic factors, military/veteran status, or any other status or characteristic protected by federal, state, and/or local law. Xcimer Energy will consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state, and local laws. For more information on “EEO Is the Law,” please see here and here. Benefits Xcimer offers a comprehensive benefits package designed to support employee health, well‑being, and long‑term success. Benefits include medical, dental, and vision coverage; basic and supplemental life insurance; short‑ and long‑term disability; paid parental leave for employees at the time of birth or adoption; and a 401(k) with a company match of up to 6%. Eligible employees also receive equity, allowing them to share in the company’s long‑term success. Xcimer operates under a flexible Paid Time Off (ATO) approach. Rather than a fixed number of vacation days, employees are trusted to take the time they need to rest and recharge while meeting the expectations of their role and team. In addition, employees receive paid sick time, 13 company‑paid holidays, and an annual paid company shutdown. Benefits are available to regular employees, including part‑time and fixed‑term roles, as well as interns, with eligibility varying by benefit. #J-18808-Ljbffr

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Senior Cybersecurity & Compliance Specialist (CMMC 2.0) in Denver, CO vacancy
  •  ...Xcimer Energy Inc. is seeking a Cybersecurity & Compliance Administrator to enhance security, compliance, and data privacy. You will operate day-to-day security operations, focusing on CMMC Level 2 compliance and establishing a strong data privacy program. The ideal candidate... 
    Senior

    Xcimer Energy Inc.

    Denver, CO
    3 days ago
  • $140k - $175k

    Xcimer Energy is seeking a Cybersecurity & Compliance Administrator to enhance our security and compliance posture in Denver, Colorado. This role...  ...managing Microsoft Purview and Defender, ensuring compliance with CMMC and NIST standards, and collaborating across IT and... 
    Senior

    Medium

    Denver, CO
    3 days ago
  •  ...Colorado-based Managed Service Provider specializing in cybersecurity, Microsoft 365, compliance, and CMMC readiness for organizations supporting the Defense...  ...compliance with NIST SP 800-171 and prepare for CMMC Level 2 certification. We're looking for someone who... 
    Suggested
    Full time
    Contract work

    IT Managed Services Company

    Denver, CO
    5 days ago
  • $70k - $88.67k

     ...ABET accredited curriculum. 0+ years relevant engineering experience...  ...ABET accredited curriculum. 2+ years relevant engineering...  ...Strongly preferred: EIT/FE. Senior Engineer Level (Salary Range:...  ...and systems by adhering to cybersecurity policies, standards, and best... 
    Senior
    Temporary work
    For contractors

    Xcel Energy Inc

    Denver, CO
    3 days ago
  •  ...simple solutions that best fit the needs of our clients. As a Senior Compliance Specialist, you will train and mentor Compliance Specialists in the...  ...platforms (Encompass, CapitalStream, DecisionPro). Minimum of two (2) years compliance management. Minimum of two (2) years... 
    Senior
    Work experience placement
    Work at office
    Night shift

    Community Banks of Colorado

    Denver, CO
    2 days ago
  • $165.01k - $226.89k

     ...Principal Systems Security Engineer / Senior ISSMApplyremote type: In...  ...responsible for the end-to-end cybersecurity posture, compliance governance, and system accreditation...  ....* Working knowledge of CMMC framework — understands Level 2/3 practice domains, assessment... 
    Senior
    Work experience placement
    Work at office

    Sierra Nevada Corporation

    Littleton, CO
    1 day ago
  • $112k - $156.6k

     ...procedures, and standards compliance. Will contribute to...  ...registration preferred. Senior Engineer Level (Salary...  ...engineering degree preferred. 2+ years of demonstrated...  ...degree preferred. 0+ years relevant...  ...systems by adhering to cybersecurity policies, standards, and... 
    Senior
    Full time
    Temporary work
    For contractors
    Internship

    Xcel Energy

    Denver, CO
    4 days ago
  • $105.79k - $141.05k

     ...connectivity, join us today. The Role The CMMC Compliance Analyst must have advanced practical...  ...supporting a successful CMMC Level 2 C3PAO assessment Experience with...  ...knowledge of FAR, DFARS, and CMMC-related cybersecurity and contracting requirements for... 
    Full time
    Temporary work
    For contractors
    Remote work

    Lumen

    Aurora, CO
    5 days ago
  • $60k - $68k

     ...A housing compliance organization is seeking a Compliance Specialist in Lakewood, Colorado. The role involves ensuring compliance with affordable housing regulations like HUD and LIHTC, managing resident documents, and providing leasing support. Ideal candidates have... 
    Senior
    Full time

    npm, Inc. (Node package manager JavaScript)

    Lakewood, CO
    3 days ago
  • $140k - $165k

    Compliance Communications Senior Specialist Chicago, IL; Denver, CO; Lake Mary, FL; New York, NY Join us in building the future of finance. Our mission is...  ...Bellevue, WA; Washington, DC) $140,000 - $165,000 USD Zone 2 (Denver, CO; Westlake, TX; Chicago, IL) $123,000 - $14... 
    Senior
    Work at office
    Flexible hours
    Shift work
    3 days per week

    Robinhood

    Denver, CO
    4 days ago
  • $114.6k - $252.1k

     ...standards and best practices.***Desired***:* Familiar with SDR (Software-Defined Radio) platforms and technologies.* Knowledge of cybersecurity principles as applied to RF systems.* Experience with agile development methodologies.* Track record of successful project... 
    Senior
    Contract work
    Work experience placement
    Flexible hours

    CACI International

    Denver, CO
    15 hours ago
  •  ...Senior Regulatory Affairs Specialist Job Description This person will be joining a small, but mighty team and...  ...and international markets, ensuring compliance with applicable regulations (i.e. PMA...  ...field, preferred. Minimum of 2 years of experience in orthopedic or... 
    Senior

    Highridge Medical LLC

    Westminster, CO
    2 days ago
  • $40 per hour

    A cybersecurity AI training company is searching for experienced professionals to evaluate AI-generated security content and solve technical...  ...to work on their own schedule. Ideal applicants will have over 2 years of experience in cybersecurity, coding abilities, and strong... 
    Senior
    Hourly pay
    Remote work

    DataAnnotation

    Denver, CO
    3 days ago
  • Ball Corporation in Westminster, CO seeks a Senior Analyst in Cybersecurity Governance, Risk, and Compliance (GRC). You will manage cybersecurity risks, support compliance activities, and document key decisions for readiness. The ideal candidate has a Bachelor's degree... 
    Senior
    Remote job

    Ball Aerospace

    Westminster, CO
    15 hours ago
  • $81k - $106.27k

     ...chemical engineering degree preferred. • 2+ years relevant engineering experience....  ...Fundamentals of Engineering) strongly preferred. Senior Engineer Level (Salary Range: $97,000-129...  ...s information and systems by adhering to cybersecurity policies, standards, and best practices,... 
    Senior
    Temporary work
    For contractors

    Xcel Energy Inc

    Denver, CO
    2 days ago
  • $25.67 - $38.51 per hour

    FedEx Group in Denver, Colorado is seeking a customer service representative to ensure timely release and movement of freight. Responsibilities include preparing documentation for U.S. Customs and resolving customer billing issues. The ideal candidate will possess strong...
    Senior
    Hourly pay

    FedEx Group

    Denver, CO
    4 days ago
  • Keysight Technologies is seeking an experienced Export Compliance Senior Specialist to support licensing activities in compliance with ITAR and EAR regulations. This remote role involves managing export license requirements and collaborating with teams globally. The ideal... 
    Senior
    Remote job
    Flexible hours

    Keysight Technologies

    Denver, CO
    2 days ago
  • Stryker Corporation is looking for a Senior Analyst in Colorado to support the Periodic Access Review...  ...reviews, training junior staff, and ensuring compliance with internal and external standards. The ideal candidate has at least 2 years of experience in IT Compliance or... 
    Senior
    Full time

    Stryker Corporation

    Denver, CO
    2 days ago
  • $98.5k - $206.8k

     ...national security missions.* Collaborate with software engineers, cybersecurity professionals, architects, and government stakeholders to...  ...best practices, including automated security scanning, compliance validation, and vulnerability management.* Troubleshoot and resolve... 
    Senior
    Contract work
    Work experience placement
    Flexible hours

    CACI International Inc.

    Denver, CO
    15 hours ago
  • JSfirm.com is seeking a Compliance Manager to oversee United Rotorcraft's defense and regulatory compliance initiatives. This role is responsible for ensuring adherence to federal standards such as CMMC, DFARS, NIST 800-171, ITAR, and EAR, while collaborating with various... 
    Senior

    JSfirm.com

    Englewood, CO
    15 hours ago
  •  ...Senior Manager, Cyber Security Operations Center (SOC) The Senior...  ...with IT, OT, Product, Legal, Compliance, Risk, and Operations during...  .... 8–12+ years of cybersecurity experience with at least 5 years...  ...including NIST, ISO 27001, SOC 2, NIS2, DORA, PCI, SOX, and GDPR... 
    Senior

    Digital Realty

    Denver, CO
    15 hours ago
  • $1,000 per month

     ...the Atlas Post Acute team in Colorado. This full-time role includes a $2,000 bonus—$1,000 after 90 days and another $1,000 after 6 months. The ideal candidate will provide compassionate care to senior residents and must possess a current Physical Therapist license in CO.... 
    Senior
    Full time

    PACS Group, Inc.

    Denver, CO
    15 hours ago
  • Rowan Digital Infrastructure in Denver, CO, is seeking a Senior Associate, Contract Compliance to support the company's contract management function. This role involves ensuring contractual obligations are identified and tracked, collaborating with various teams, and developing... 
    Senior
    Contract work

    Rowan Digital Infrastructure

    Denver, CO
    2 days ago
  • A woman-owned small business in Denver is seeking a Developer for a PeopleSoft upgrade project from version 9.1 to 9.2. The candidate will be responsible for input and work related to PeopleSoft code and SQL, with duties spanning design, build, testing, and deployments... 
    Senior

    Comtech Services Inc

    Denver, CO
    3 days ago
  • RealmOne is seeking a Level 2 System Administrator to join our team in Aurora, Colorado. This role involves providing Tier 1 and Tier 2 support, troubleshooting issues, and managing UNIX and Windows operating systems. Candidates must have ten years of experience as a System... 
    Senior
    Flexible hours

    RealmOne

    Aurora, CO
    1 day ago
  •  ...company based in Aurora, CO is seeking a Service Contract Support Specialist to provide on-site support at the Rocky Mountain Regional VA...  ...with service contracts critical to operations, ensuring compliance with VA standards. Candidates should have at least 10 years of... 
    Senior
    Full time
    Contract work
    Remote work

    Bisisolutions

    Aurora, CO
    1 day ago
  • Astreya is seeking a skilled Tier 2 NOC Engineer responsible for advanced troubleshooting and incident escalation within a global network. This role focuses on fault isolation, operational support, and optimizing network performance. The ideal candidate will possess expertise... 
    Senior
    Night shift

    Astreya

    Denver, CO
    2 days ago
  • E2 Optics is seeking a Payroll Compliance Specialist to ensure payroll laws are met effectively. Responsibilities include managing compliance, conducting payroll audits, and providing analytical reports in a collaborative environment. Qualified candidates should possess... 
    Senior

    E2 Optics

    Englewood, CO
    4 days ago
  • $189k - $225k

     ...governance, risk, and compliance obligations. This role...  ...of incoming contractual cybersecurity language and works directly...  ...SP 800-53, NIST CSF, CMMC, ISO 27001, FedRAMP,...  ...example CMMC, ISO 27001, SOC 2, FedRAMP, or...  ...experience with CMMC 2.0 assessment preparation... 
    Ongoing contract
    Contract work
    For contractors
    For subcontractor
    Work at office
    3 days per week

    Spire

    Denver, CO
    27 days ago
  • $86.9k - $198k

     ...Site Reliability Engineer, Senior Opportunity: Engineering to make a system more resilient...  ...of Linux system engineering experience. 2+ years of software development experience...  ...Preferred Qualifications Experience with cybersecurity concepts (threats, vulnerabilities,... 
    Senior
    Full time
    Part time
    Local area

    Booz Allen Hamilton

    Aurora, CO
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Cybersecurity & Compliance Specialist (CMMC 2.0). Be the first to apply!