IT Manager - C1GS

C1 is the foremost, single-source provider of advanced communications and data technology for business. That means if it's digital, we connect our customers to it -- from phone systems and hardware to computer networks, application development, managed solutions and more. And we're 100% passionate with designing, implementing, managing and supporting our customers' every need from end to end, so that they can focus on what they do best.

So, when it comes to joining a team of IT and communications technology pros who are empowered to do what they do best, your best choice -- your #1 choice -- is C1.

The company is seeking a hands-on IT Manager to own day-to-day IT operations, cloud systems administration, endpoint management, user support, and cybersecurity compliance for a government contracting organization. The environment is cloud-first, with most systems residing in Microsoft GCC High and no physical IT infrastructure other than company-issued laptops.

This role will support approximately 40 users and will be responsible for onboarding, offboarding, endpoint provisioning, access control, help desk support, BYOD policy oversight, ISO/IEC 27001 compliance support, and preparation for and ongoing maintenance of CMMC Level 2 compliance.

• Manage day-to-day IT operations for a remote workforce of approximately 40 users.
• Provide Tier 1/Tier 2 user support for hardware, software, access, connectivity, Microsoft 365, Teams, SharePoint, OneDrive, email, endpoint, and account issues.
• Manage the help desk/ticketing process, including intake, prioritization, resolution, documentation, escalation, and reporting.
• Support onboarding and offboarding of employees, contractors, and consultants, including account creation, permissions, device provisioning, license assignment, data retention, and access removal.
• Image, configure, ship, recover, and maintain company-issued laptops using secure and repeatable processes.
• Maintain endpoint standards, including patching, encryption, antivirus/EDR, configuration baselines, local admin restrictions, vulnerability remediation, and inventory tracking.
• Manage remote device administration using tools such as Microsoft Intune, Autopilot, Defender, Entra ID, and related endpoint management platforms.
• Coordinate with external IT, cybersecurity, licensing, hardware, and compliance vendors as needed.

• Administer Microsoft 365 GCC High, including user accounts, groups, licenses, permissions, Exchange Online, Teams, SharePoint, OneDrive, Entra ID, Conditional Access, MFA, and security policies.
• Monitor and maintain cloud security configurations, including identity, access, device compliance, data loss prevention, audit logging, and retention policies.
• Support secure collaboration with customers, subcontractors, consultants, parent-company users, and affiliated users where applicable.
• Maintain administrative documentation, configuration records, change logs, and standard operating procedures.

• Support the company's ISO/IEC 27001-certified information security management system, including policies, procedures, risk assessments, evidence collection, internal audits, corrective actions, management reviews, and continuous improvement activities.
• Lead or materially support the company's effort to achieve and maintain CMMC Level 2 compliance.
• Maintain documentation required for CMMC, including the System Security Plan, POA&M, asset inventory, policies, procedures, control evidence, access reviews, incident response records, training evidence, vulnerability management records, and configuration baselines.
• Coordinate with external CMMC consultants, Registered Provider Organizations, C3PAOs, auditors, or assessors as required.
• Help maintain compliance with applicable NIST SP 800-171, DFARS cybersecurity requirements, CUI, FCI, ISO/IEC 27001, and customer security obligations.

• Manage and enforce the company's BYOD policy.
• Ensure personal devices used for company business meet security, access, encryption, authentication, and data protection requirements.
• Maintain approved device standards and help implement controls to limit company data exposure on unmanaged or noncompliant devices.
• Support periodic access reviews, endpoint audits, and device compliance reporting.

• Monitor user access, endpoint health, suspicious activity, and compliance posture.
• Support incident response, including user account compromise, lost or stolen laptops, phishing events, malware alerts, unauthorized access, and data exposure incidents.
• Assist with security awareness training, phishing simulations, acceptable use enforcement, and user education.
• Maintain disaster recovery, backup, data retention, and business continuity procedures relevant to cloud systems and endpoints.

• Hands-on experience administering Microsoft 365, Entra ID/Azure AD, Exchange Online, SharePoint, OneDrive, Teams, MFA, Conditional Access, and endpoint security tools.
• Must be a U.S. citizen and eligible to obtain and maintain a U.S. security clearance.
• Experience administering Microsoft GCC High.
• 5+ years of progressive experience in IT operations, systems administration, cloud administration, endpoint management, cybersecurity operations, or a related role.
• Experience managing Windows laptops in a remote environment.
• Experience with Microsoft Intune, Autopilot, Defender for Endpoint, or similar endpoint management/security tools.
• Strong troubleshooting skills and a service-oriented approach to supporting end users.
• Ability to work independently in a small-company environment where the role is both strategic and hands-on.
• Strong documentation discipline and sound judgment regarding access control, sensitive data, and security risk.

• Experience supporting security compliance programs, audits, and policy documentation.
• Familiarity with ISO/IEC 27001, NIST SP 800-171, CMMC, and DFARS cybersecurity requirements.
• Prior experience supporting a defense contractor, government contractor, or cleared contractor.
• Experience preparing for or supporting a CMMC Level 2 assessment.
• Experience maintaining an ISO/IEC 27001-certified environment.
• Active Secret clearance or prior clearance eligibility.
• Security+, CySA+, CISSP, CISM, CISA, Microsoft 365 Certified: Administrator Expert, Microsoft Endpoint Administrator, Azure Administrator, or similar certifications.
• Experience with CUI handling, SPRS scoring, SSP/POA&M development, and evidence management.
• Industry Certifications such as MCSE, CCNA

E-Verify:  E-Verify

Right to Work:  Right to Work Poster