
Security and Compliance Manager

Job Description - Security and Compliance Manager

The Company


Aero Gear is a global supplier of aerospace gears and gearbox assemblies to top OEMs such as Pratt & Whitney, GE, AVIO, Collins, Rolls-Royce, and Sikorsky. The company was founded in 1982 and has grown over the years through key capital investments, technology, and the professional development of its employees. Aero Gear has a team-based culture with a focus on excellence and continuous improvement. The outlook for the company is strong as it continues to set higher goals for sustained success together.



Position Summary


Responsible for managing Aero Gear's cybersecurity program and maintaining the organization's compliance posture across all applicable regulatory frameworks, including CMMC Level 2, ITAR, and NIST SP 800-171. This role owns the cybersecurity tool stack, leads the IT compliance program, and serves as the primary liaison between IT, internal audit, and other departments on all matters related to information security and regulatory compliance. The Security and Compliance Manager creates, maintains, and enforces security policies and documentation, coordinates compliance activities, and ensures that all IT systems and practices meet the requirements necessary to support Aero Gear's defense manufacturing contracts. Occasional work outside regular business hours may be required.



Essential Functions



  • Manage and maintain the organization's cybersecurity tool stack, including endpoint detection and response (EDR), SIEM, email security, identity management, multi-factor authentication, and privileged access management solutions.

  • Own and operate Aero Gear's CMMC Level 2 compliance program for IT, including maintaining the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and Assessment Workbook in alignment with NIST SP 800-171 Rev 2 and applicable DFARS requirements.

  • Create, publish, maintain, and version-control the full library of IT security and compliance policies, procedures, standards, and work instructions; ensure documentation is current, accessible, and audit-ready at all times.

  • Work directly with Aero Gear's internal auditor and any third-party assessors (CMMC Third-Party Assessment Organizations, C3PAOs) to facilitate compliance reviews, provide evidence packages, and coordinate timely remediation of identified gaps or findings.

  • Plan, organize, and lead tabletop exercises and drills covering cybersecurity incident scenarios, business continuity, and regulatory compliance situations; document outcomes and drive improvement actions.

  • Collaborate with department managers and process owners across the organization to assess security and compliance risks associated with IT systems, data handling practices, and proposed technology changes.

  • Manage vulnerability and patch compliance programs across endpoints, servers, and network infrastructure; track remediation to closure and report risk posture to IT leadership.

  • Administer and monitor user access controls, identity governance, and privileged account management in accordance with least-privilege principles and CMMC/NIST requirements.

  • Coordinate and track security awareness training programs, phishing simulation campaigns, and compliance education initiatives for all personnel.

  • Monitor and respond to security alerts, events, and incidents; maintain and test the incident response plan and serve as a key responder during active incidents.

  • Evaluate new and existing vendor relationships for security and compliance risk; maintain a vendor risk register and support supply chain risk management activities.

  • Other duties as assigned.



Competencies



  • Security and regulatory knowledge (CMMC, NIST SP 800-171, ITAR, CUI handling)

  • Technical capacity in cybersecurity tooling and IT infrastructure

  • Documentation and written communication proficiency

  • Analytical thinking and risk-based decision making

  • Project and program management

  • Cross-functional collaboration and stakeholder communication

  • Initiative and accountability



Experience and Qualifications



  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent professional experience.

  • 5+ years of progressive experience in IT security, compliance, or a combined role.

  • Direct, hands-on experience with CMMC Level 2 or NIST SP 800-171 compliance programs is strongly preferred.

  • Experience in a defense manufacturing or ITAR-regulated environment is a significant plus.

  • Security certifications are strongly preferred: CompTIA Security+, CISSP, CISM, or equivalent.

  • Certifications such as CompTIA A+, Network+, or Microsoft Certified Professional (MCP) are a plus.

  • CMMC Registered Practitioner (RP) or CMMC Certified Professional (CCP) designation is a plus.

  • Experience with Export Control administrative responsibilities is a plus.



Supervisory Responsibility


This position has no supervisory responsibilities.



Physical Demands


The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.


The employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision, depth perception and ability to adjust focus. While performing the duties of this Job, the employee is regularly required to stand. The employee is frequently required to use hands to finger, handle, or feel and reach with hands and arms. The employee is occasionally required to walk; sit; climb or balance; stoop, kneel, crouch, or crawl and talk or hear.



Other Duties


This job description is not designed to cover a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Activities, duties or responsibilities may change at any time with or without notice.



Work Authorization


US Person (Green Card Holder or United States Citizen) required due to government contracts and ITAR obligations. The incumbent will be required to comply with all applicable export control laws and regulations.




Aero Gear is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Aero Gear will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact the EEO Coordinator at 860.688.0888.


EOE/Minorities/Females/Vets/Disabled


While we appreciate and value our staffing partners, we do not accept unsolicited resumes from agencies. Aero Gear will not be responsible for paying agency fees for any individual as to whom an agency has sent an unsolicited resume.

Original job Security and Compliance Manager posted on GrabJobs ©.