Sr. Sys Admin– Security & Compliance (CMMC / NIST)

ISA is seeking a Senior Systems Administrator with deep expertise in Linux and Windows administration including security hardening and compliance automation to support the implementation of CMMC Level 2 controls across a hybrid on-prem and cloud environments in Office 365 GCC High and AWS GovCloud. This role focuses on securing Red Hat Enterprise Linux and Windows systems used in government and defense workloads by designing, building, and maintaining hardened images and compliance processes.

The ideal candidate brings hands-on experience securing and managing Linux and Windows operating systems both on-prem and in cloud environments in accordance with CMMC/NIST 800-171 standards.

Your main responsibilities will be:

• Administration of RHEL 8, RHEL 9, Windows 10/11 and Windows Server 2016/2022.
• Continuous evaluation of network environment with respect to CMMC controls.
• Remediate system vulnerabilities identified by security scans and pentests.
• Install operating system and software patches and upgrades.
• Perform regular compliance assessments in accordance with CMMC.
• CMMC Compliance Integration
• Map CIS controls to CMMC Level 2 requirements.
• Document compliance evidence and support audit readiness.
• Collaborate with ISSOs and compliance teams to close control gaps.
• Integrate compliance enforcement into CI/CD pipelines.
• Office 365/AWS Security & Cloud Compliance
• Track hardened images within CMMC-scoped environments.
• Implement audit logging, encryption, and cloud-native incident response triggers.
• Automate security controls using Ansible, shell scripts, and cloud-init.
• Develop and maintain secure provisioning playbooks.
• Auditing, Monitoring & Reporting
• Conduct compliance scans and produce audit-ready evidence.
• Integrate security telemetry with SIEM platforms (e.g., Splunk)
• Create dashboards and reports aligned with POA&M and audit requirements.
• Collaboration & Documentation
• Partner with IT security, and quality teams to define and enforce policies.
• Maintain documentation for hardened baselines, and remediation.
• Assist in knowledge transfer and operational training.

Required Skills & Experience

• 7+ years of system administration experience (RHEL8/9, Windows 10/11/16/22).
• Expertise in CMMC Level 2, NIST 800-171, and CIS Benchmarks.
• Hands-on experience with Ansible, shell scripting, and CI/CD tools (e.g., Gitlab).
• Familiarity with cloud services in Office 365 GCC High and AWS GovCloud
• Experience performing compliance audits and building evidence artifacts.
• Strong understanding of Linux security internals and cloud security posture.
• Experience with Controlled Unclassified Information (CUI) and ITAR compliance.
• Clearance: TS Preferred, must be able to obtain and maintain TS/SSBI (including polygraph). Employment at ISA requires US citizenship.

Preferred Qualifications:

• Experience supporting federal, DoD, or defense contractor environments.
• Familiarity with tools like Nessus, Splunk, Defender for Endpoint etc.
• Familiarity with network switching and routing concepts.