IT Manager; Security Clearance

Position: IT Manager (5602) with Security Clearance
Three Saints Bay, LLC. a government contracting industry leader, is seeking an experienced IT Manager to lead our IT operations with a strong focus on Microsoft 365 cloud ecosystem, endpoint management, security operations, and compliance with CMMC (Cybersecurity Maturity Model Certification) and NIST SP 800-171 requirements. This is a hybrid position reporting into either our Manassas, VA office or our Charleston, SC office.

The ideal candidate will oversee the administration and optimization of Microsoft Cloud tools while managing a help desk team to deliver efficient end-user support and troubleshooting. This role combines strategic leadership, technical expertise in Microsoft security and productivity solutions, and hands-on involvement in compliance and incident response for a secure, efficient IT environment (particularly suitable for organizations handling Controlled Unclassified Information (CUI) or working with DoD/federal requirements).

Key Responsibilities
* Lead the administration, configuration, and optimization of Microsoft 365 (M365) environments, including Exchange Online, Teams, One Drive, SharePoint Online, and related services.
* Manage Microsoft Intune (Endpoint Manager) for device enrollment, compliance policies, configuration profiles, application deployment, Autopilot provisioning, security baselines, and endpoint security across Windows, iOS, Android, and macOS devices.
* Oversee Microsoft Defender (including Defender for Endpoint, Defender for Office 365, Defender for Identity) for threat protection, vulnerability management, and incident response.
* Administer Microsoft Sentinel for security information and event management (SIEM), threat hunting, analytics, and automated response workflows.
* Ensure the organization's IT systems and processes comply with NIST SP 800-171 controls and CMMC Level 2 (or higher) requirements, including policy development, control implementation, gap analysis, audit preparation, System Security Plan (SSP) maintenance, and Plan of Action & Milestones (POA&M) tracking.
* Manage and mentor the help desk/support team, including staffing, training, performance management, shift scheduling, and escalation processes.
* Provide advanced troubleshooting and resolution for end-user issues related to M365 applications, device management, security alerts, access problems, and general IT incidents.
* Develop and enforce IT policies, procedures, and best practices aligned with zero-trust principles, conditional access, multi-factor authentication (MFA), data loss prevention (DLP), and compliance frameworks.
* Monitor system performance, security posture, and compliance metrics; generate reports for leadership and auditors.

Required Qualifications
* Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field (or equivalent experience).
* 7+ years of progressive IT experience, including 4+ years in a managerial or supervisory role.
* 5+ years of hands-on expertise administering Microsoft 365 environments (E3/E5 preferred), with deep proficiency in:
* SharePoint Online (site management, permissions, governance).
* Intune (device management, compliance, Autopilot).
* Microsoft Defender suite.
* Microsoft Sentinel (SIEM/SOAR capabilities).
* Proven experience implementing and maintaining compliance with NIST SP 800-171 and CMMC frameworks (e.g., control mapping, self-assessments, remediation, or certification preparation).
* Strong background in managing a help desk or service desk team, including ticketing systems, SLAs, end-user troubleshooting, and customer service excellence.
* Experience with Microsoft Entra  (Azure AD), conditional access policies, identity governance, and security baselines.

Preferred Qualifications
* Relevant certifications such as:
* Microsoft Certified:
Azure Administrator Associate, Microsoft 365 Security Administrator, or equivalent.
* Microsoft Certified:
Endpoint Administrator Associate.
* Certified Information Systems Security Professional (CISSP), CMMC Registered Practitioner (RP), or similar.
* Experience in regulated environments (e.g., DoD contractors, federal contractors, defense…