Mission Critical Group · 1 day ago
Manager, IT Security & Compliance (ITAR)
Mission Critical Group is seeking an IT Security & Compliance Manager to develop and maintain their information security strategy and compliance frameworks. This role involves ensuring adherence to regulatory requirements and managing the organization's cybersecurity initiatives while collaborating with various departments.
Data Center · Infrastructure · Manufacturing
Responsibilities
Develop and maintain the company’s Information Security Program, ensuring alignment with industry standards (NIST, ISO 27001, CIS Controls)
Implement and oversee security technologies, including firewalls, SIEM, endpoint detection, access controls, and encryption
Conduct regular security risk assessments, vulnerability scans, and penetration testing initiatives
Lead security incident response, investigation, documentation, and reporting processes
Manage identity and access management (IAM) practices, including privileged access controls
Maintain compliance with ITAR, CMMC, DFARS 252.204-7012, NIST 800-171, GDPR, and other applicable regulatory or contractual cybersecurity requirements
Develop and maintain system security plans (SSPs), POA&Ms, and related compliance documentation
Lead internal and external audits, ensuring timely responses and remediation of findings
Create and enforce IT policies, standards, and procedures
Oversee vendor cybersecurity due diligence and third-party risk assessments
Ensure all digital systems, data repositories, and communication tools comply with ITAR technical data handling requirements
Coordinate with HR and Legal to verify personnel eligibility for access to ITAR-controlled information
Implement access restrictions, data segregation, and monitoring controls for ITAR-regulated systems
Train employees on ITAR obligations, including proper handling, storage, and transmission of defense-related technical data
Work with Export Compliance personnel to maintain audit-ready documentation and respond to regulatory inquiries or incidents
Ensure cloud environments meet ITAR compliance (e.g., US-persons-only access, compliant hosting platforms)
Lead ongoing cybersecurity and compliance training initiatives across the organization
Conduct phishing simulations, awareness campaigns, and departmental workshops
Ensure new hires receive mandatory IT security and ITAR compliance orientation
Develop the IT security roadmap and budget, aligning with organizational goals
Provide security and compliance guidance during technology planning and system implementations
Collaborate with executive leadership to communicate risk posture, KPI dashboards, and business impacts
Stay current on emerging threats, regulations, and security technologies
Qualifications
Required
Bachelor's degree in Information Technology, Cybersecurity, or a related field (or equivalent experience)
5+ years of experience in IT security, compliance, or risk management
Demonstrated experience with ITAR compliance and handling controlled technical data
Solid understanding of regulatory frameworks: NIST 800-171, CMMC, ISO 27001, SOC 2, GDPR
Hands-on experience with enterprise security tools: SIEM, EDR, IAM, DLP, vulnerability scanners
Strong knowledge of network security concepts, cloud security (Azure/AWS), and incident response processes
Excellent documentation, communication, and auditing skills
Preferred
Relevant certifications: CISSP, CISM, CEH, CCSP, Security+, Certified CMMC Professional (CCP), or ITAR certification
Experience working in the defense, aerospace, manufacturing, or government contracting sectors
Familiarity with controlled unclassified information (CUI) environments
Company
Mission Critical Group
MCG provides comprehensive project design, delivery, launch, and continuing maintenance services.
Funding
Current Stage
Late Stage
Recent News
Inside INdiana Business
2025-11-06
Mission Critical Group
2025-11-04
Washington Technology
2025-10-28
Company data provided by Crunchbase