×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Cybersecurity & Compliance Administrator

Job in Denver, Denver County, Colorado, 80285, USA
Listing for: Medium
Full Time position
Listed on 2026-06-18
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 150000 - 200000 USD Yearly USD 150000.00 200000.00 YEAR
Job Description & How to Apply Below

Xcimer Energy leverages decades of research on Inertial Fusion Energy (IFE) combined with groundbreaking new laser architecture. Our mission is to deploy fusion power plants to meet global decarbonization goals as fast as possible. Xcimer has assembled a team of leaders in tough tech, fusion science, and manufacturing with a track record of rapid execution. Supported by leading investors, Xcimer is uniquely positioned to deliver limitless, clean, fusion power to combat climate change.

As Cybersecurity & Compliance Administrator, you will operate and continuously improve Xcimer’s security, compliance, and data privacy posture while the company continues to scale, and support U.S. defense‑related work. This is a hands‑on individual contributor role responsible for day‑to‑day security operations, CMMC 2.0 Level 2 compliance execution, and establishment of a defensible data privacy program appropriate for a high‑value and high‑visibility target.

We are looking for our members to apply their technical expertise, problem solving skills, and dedication to quality to positively impact the future of energy!

Responsibilities

Microsoft Purview Administration (Compliance & Data Governance)

  • Configure and manage Purview capabilities to support compliance objectives, including data classification and labeling, data loss prevention (DLP), retention and deletion policies, eDiscovery workflows, and compliance reporting.
  • Develop and maintain Purview‑derived compliance artifacts and evidence outputs to support assessments, audits, due diligence, and continuous monitoring aligned to CMMC 2.0 Level 2 and NIST SP 800‑171.
  • Define and operate data retention and deletion procedures, integrating with Purview retention controls where appropriate

Microsoft Defender Administration (Threat Protection & Security Operations)

  • Configure, tune, and operate Microsoft Defender security controls across identity, endpoints, email/collaboration, and cloud applications, consistent with licensing and compliance scope.
  • Monitor alerts, investigate suspicious activity, and drive remediation actions; reducing noise through continuous tuning and improvements.
  • Establish and maintain detection and response playbooks, including alert triage, escalation paths, documentation requirements, and post‑incident follow‑up.

Incident Response & Threat Prevention

  • Own and maintain the Security Incident Response Plan, including severity definitions, roles and responsibilities, evidence handling, escalation paths, and internal/external communication procedures.
  • Lead security incident response from identification through containment, eradication, recovery, and lessons learned.
  • Perform root‑cause analysis and coordinate corrective actions with IT administrative staff and relevant stakeholders.
  • Proactively implement threat prevention measures: hardening, secure configuration baselines, conditional access/MFA enforcement support, and policy‑driven risk reduction.
  • Maintain an incident register covering actual, attempted, and suspected security incidents (including phishing attempts), investigations performed, and outcomes.

Compliance Enablement (CMMC L2 / NIST Controls)

  • Maintain the System Security Plan (SSP) and Plan of Actions & Milestones (POA&M) for in‑scope systems, ensuring clear implementation statements, ownership, and evidence references.
  • Support definition and maintenance of the CUI boundary, including systems, users, endpoints, networks, and data flows.
  • Translate CMMC and NIST control requirements into concrete configurations, procedures, and ongoing monitoring activities across Microsoft 365, on‑prem infrastructure, and restricted or air‑gapped environments.
  • Collect, organize, and maintain audit‑ready evidence to support internal assessments, customer diligence, and third‑party assessments.
  • Define and maintain a centralized logging strategy (SIEM) spanning cloud and on‑prem environments, including ingestion of logs from identity systems, endpoints, email, servers, firewalls, VPNs, and IDS/IPS platforms.

On‑Prem & Air‑Gapped Security

  • Establish and operate secure data transfer procedures for air‑gapped and restricted environments, including removable media governance,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search