What You'll Do:

The Network / Domain Administrator & Security Operations (SOC) role is responsible for secure administration of network infrastructure, identity systems, and continuous monitoring of security events across corporate and enclave environments. This role enforces access control, network security, logging, and incident detection/response in alignment with NIST SP 800-171, CMMC Level 2, and DFARS requirements.

This position serves as a primary operator for security monitoring (SOC functions) and ensures visibility, detection, and response capabilities across all systems handling CUI.

Access Control & Identity Management (AC / IA)

• Administer identity systems (Microsoft Entra ID, Active Directory, GCCH tenants)
• Enforce MFA, conditional access, and least privilege principles
• Manage privileged accounts and implement separation of duties
• Conduct periodic access reviews and account audits

Network Security & Boundary Protection (SC / AC)

• Configure and manage network infrastructure:
• Firewalls, routers, VLANs, ACLs
• Enforce segmentation between:
• Corporate network
• CUI enclave (CTMD)
• External/public access
• Manage DNS, DHCP, and IP address management
• Monitor and control inbound/outbound network traffic

Audit & Accountability / Logging (AU)

• Ensure centralized logging across systems:
• SEIM and 3rd Party SOC
• Maintain log retention in accordance with policy
• Validate log integrity and availability for audit purposes
• Generate audit reports and provide evidence for compliance reviews

Continuous Monitoring & SOC Operations (SI / IR / CA)

• Monitor security alerts, events, and anomalies across all environments
• Perform triage, investigation, and escalation of security events
• Correlate logs across endpoints, network, and applications
• Maintain alert tuning and detection rules
• Support continuous monitoring strategy required by CMMC

Incident Response (IR)

• Lead or support incident detection, containment, eradication, and recovery
• Document incidents and maintain incident response records
• Coordinate with IT, application, and management teams during incidents
• Ensure proper evidence handling and chain of custody

Configuration & Change Management (CM)

• Maintain secure baseline configurations for:
• Network devices
• Identity systems
• Review and approve network and security-related changes
• Ensure all changes are documented and auditable

Risk Management & Vulnerability Management (RA / SI)

• Perform vulnerability scanning and remediation coordination
• Identify risks related to network and identity systems
• Track and remediate findings (POA&M support)

System & Communications Protection (SC)

• Enforce encryption and secure protocols across network communications
• Validate secure configurations for remote access and VPNs
• Ensure secure integration with enclave systems and cloud environments

Operational Responsibilities

• Manage:
• Network infrastructure (switches, routers, firewalls, VLANs)
• Identity platforms (Entra ID, AD, GCCH identity)
• Monitoring and SIEM platforms and working with 3rd party SOC
• Maintain network diagrams and documentation (e.g., NetBox)
• Support secure connectivity between corporate, enclave, and cloud environments
• Assist with compliance audits and security assessments
• Participate in on-call rotation for incident response

Required Qualifications

• 5-9+ years of experience in network administration and/or security operations
• Strong knowledge of:
• Networking (TCP/IP, VLANs, routing, firewalls)
• Identity and access management (AD, Entra ID)
• Experience with SIEM and monitoring tools
• Understanding of security principles and incident response

Preferred Qualifications

• Experience in regulated environments (CMMC, NIST 800-171, GovCloud, GCCH)
• Certifications such as:
• Security+, CySA+, CISSP (or equivalent)

Audit-Relevant Expectations

• Continuous monitoring must be active, documented, and reviewable
• Logs must be centralized, retained, and protected from tampering
• Network segmentation and access controls must be enforced and verifiable
• All privileged activity must be controlled, logged, and auditable
• Incident response must be documented and repeatable
• Full alignment with SSP-defined controls and CUI boundary enforcement

Our office headquarters is located in Playa Vista, CA. This position requires in office presence.

The California annual base salary for this role is currently $110,000 - $140,000. Pay Grades are determined by role, level, location, and alignment with market data. Individual pay will be determined on a case-by-case basis and may vary based on the following considerations: interviews and an assessment of several factors that are unique to each candidate, job-related skills, relevant education and experience, certifications, abilities of the candidate and internal equity.

ITAR Compliance:

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.