Cyber Security Analyst

Beehive Industries is dedicated to Powering American Defense by revolutionizing the design, development, and delivery of jet propulsion systems to support the warfighter. Through the integration of additive manufacturing, the company aims to meet the growing and urgent needs for unmanned aerial defense by dramatically improving a jet engine’s speed to market, fuel efficiency, and cost. Founded in 2020, the company is headquartered in Englewood, Colorado, with additional facilities in Knoxville, Tennessee, Loveland Ohio, and Mount Vernon, Ohio. Beehive is committed to grow and advance the defense industrial base while manufacturing exclusively in the USA. This role can be located at our Englewood, Colorado, Knoxville, Tennessee or Loveland, Ohio facility. Job Summary: We are seeking a highly skilled and experienced Cybersecurity Analyst with expertise in Azure Data Loss Prevention (DLP) and compliance with ITAR, NIST 800-171, CMMC, and DoD security requirements. The ideal candidate will have a minimum of 5 years of experience in cybersecurity, focusing on Microsoft Azure Security solutions, DLP policies, and government regulatory compliance. This role is responsible for designing, implementing, and maintaining DLP controls to protect Controlled Unclassified Information (CUI) while ensuring compliance with ITAR, DFARS, and evolving CMMC standards. Key Responsibilities: Azure DLP & Security Implementation Develop, configure, and maintain Azure DLP policies to protect sensitive data across Microsoft 365, SharePoint, OneDrive, and Teams. Implement Azure Information Protection (AIP) and Microsoft Sensitivity Labels for data classification and security. Ensure endpoint DLP policies are effectively applied across company devices and cloud applications. Monitor and manage DLP alerts via Microsoft Defender for Cloud Apps (MDCA) and Microsoft Purview. Compliance & Regulatory Requirements Ensure compliance with ITAR (International Traffic in Arms Regulations), NIST 800-171, DFARS, CMMC, and DoD cybersecurity requirements. Work with compliance, legal, and IT teams to enforce Controlled Unclassified Information (CUI) protection measures. Maintain security documentation and ensure policies align with government cybersecurity frameworks. Support CMMC certification efforts, ensuring alignment with CMMC 2.0 Level 2 and 3 security requirements. Assist in preparing for DoD cybersecurity audits, DFARS assessments, and CMMC readiness evaluation s . Incident Monitoring & Response Investigate DLP alerts, data exfiltration attempts, and security incidents, taking appropriate remediation actions. Collaborate with the IT Team to enhance incident detection and response strategies. Analyze and mitigate risks related to insider threats, unauthorized access, and data leakage. Governance, Risk, and Security Best Practices Conduct security risk assessments focusing on data protection, ITAR, CMMC, and DoD compliance. Work with IT and business teams to implement secure data-handling procedures. Ensure encryption, access controls, and endpoint security measures are in place for CUI and sensitive information. Security Awareness & Training Provide security awareness training for employees on data handling, ITAR compliance, CMMC requirements, and insider threat mitigation. Develop and maintain security policies, guidelines, and incident response procedures. Required Qualifications & Skills: 5+ years of experience in cybersecurity, DLP implementation, and cloud security. Bachelor’s degree Strong expertise in Microsoft Azure Security Services, including Microsoft Purview DLP, Microsoft Defender for Cloud Apps (MDCA), and Azure Information Protection (AIP). Experience with Microsoft 365 Compliance Center, Microsoft Sentinel, and SIEM solutions. Deep understanding of NIST 800-171, ITAR, DFARS, CMMC (Cybersecurity Maturity Model Certification), and DoD cybersecurity frameworks. Knowledge of CMMC 2.0 Level 2 and Level 3 security controls, including access control, multi-factor authentication, and incident response. Familiarity with PowerShell scripting for automation and reporting. Strong knowledge of network security, endpoint protection, encryption, and access control. Certifications (Preferred, but not required) Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) Microsoft Certified: Information Protection Administrator Associate (SC-400) Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) Certified Information Systems Auditor (CISA) CompTIA Security+ or equivalent CMMC Certified Professional (CCP) or CMMC Certified Assessor (CCA) Certified Information Security Manager (CISM) is a plus Soft Skills Strong problem-solving and analytical skills. Excellent communication and documentation abilities. Ability to work independently and collaboratively in a highly regulated and security-focused environment. If this sounds like you, please submit an application with your resume. This could be the opportunity you are looking for to expand your skills, contribute to a winning team, and work with talented people who love what they do and take pride in our mission. In compliance with Colorado’s Equal Pay for Equal Work Act, the salary range for this position is $100,000-$168,000 base salary. Please note that wage information is a general guideline only, and we will consider factors such as (but not limited to) scope and responsibilities of the position, candidate’s work experience, education/training, key skills, and market conditions when extending an offer. Beehive Industries offers a comprehensive benefits package that includes group Medical, Dental, Life, and Short and Long-Term disability coverage from day one. We also offer a generous 401(k) Retirement Savings Plan with a Company match. Every role at Beehive Industries is bonus eligible, and will also receive equity in the company. Beehive Industries is committed to full compliance with applicable anti-discrimination laws. We are an equal opportunity employer and value diversity at our company. We strive to create an inclusive work environment and will not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.