Job Requirements
Orlando, FL
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries
Job Description
Knight Federal Solutions is a trusted provider to industry leading prime contractors, the Department of Defense and the Intelligence Community. We have established a company culture that supports our employees, their families and the communities in which they live and work. When you join our team you belong to a group of people that work hard, strive for greatness and care about people.
Our hard work is evident in everything we do. Whether it be supporting large government programs in the areas of Simulation and Training, Information Technology, Intelligence or Engineering we always strive to be the best. It is for this reason that we have been recognized as a World Class Team Supplier by Northrop Grumman and were also named one of Florida's fastest growing companies by Inc. Magazine.
As Knight Federal Solutions continues to grow, we look forward to hiring the best and the brightest to join us in our success!
Knight Federal Solutions (KFS) is seeking a Network Administrator on a 6-month contract-to-hire basis to own day-to-day administration of the corporate network and Microsoft 365 GCC Moderate environment - including Cisco ISE network access control, Duo MFA, VLAN segmentation, and virtualization infrastructure. In addition to core network administration duties, this role serves as the CMMC Point of Contact for the network portion of the environment - the designated subject-matter owner for network and boundary-protection controls during CMMC Level 2 / NIST SP 800-171 assessment and sustainment activities. Overall CMMC program ownership (SSP, POA&M, SPRS) remains with the IT Manager; this role provides the network-domain expertise, evidence, and assessor interface for in-scope network controls. The role supports both internal KFS operations and, at the direction of the IT Manager, managed-services engagements for client environments. Successful performance during the contract period may lead to conversion to a permanent position.
- Administer and maintain LAN/WAN, firewalls, switching, wireless, and Azure virtual network infrastructure, including VLAN design/segmentation, point-to-site and site-to-site VPN connectivity, and DNS/NRPT configuration.
- Administer Cisco Identity Services Engine (ISE) for network access control - 802.1X wired/wireless authentication, device profiling, posture policies, and TACACS+ device administration.
- Administer Duo MFA - application integrations, enrollment, authentication policies, and integration with VPN, RDP, and identity providers.
- Perform virtualization administration (VMware vSphere/ESXi and Hyper-V/Azure VMs) - provisioning, snapshots, resource management, patching, and host maintenance.
- Administer Microsoft 365 GCC Moderate workloads: Exchange Online, SharePoint/OneDrive, Teams, and supporting transport/mail-flow rules.
- Manage identity and endpoint services in Microsoft Entra ID and Intune, including Conditional Access, device compliance, configuration profiles, and application deployment.
- Monitor, triage, and remediate alerts from Microsoft Defender (XDR/MDE) and SIEM tooling; participate in incident response and after-action documentation.
- Develop and maintain PowerShell automation for recurring administration, remediation, and evidence-collection tasks (dry-run defaults, transcript logging, and change control expected).
- Maintain backup, patching, and vulnerability-remediation cadence across servers, endpoints, and network devices; document all changes per configuration-management policy.
- Provide Tier 2/3 escalation support for infrastructure and connectivity issues affecting on-site and remote staff.
- Serve as the designated CMMC POC for network and boundary-protection controls, acting as the network subject-matter expert during C3PAO assessments, control-owner interviews, and internal readiness reviews.
- Own control implementation and evidence for network-related NIST SP 800-171 Rev 2 practices - primarily the System and Communications Protection (SC) family, plus network-relevant AC, AU, and CM controls (boundary protection, network segmentation, remote access, session/traffic controls, network device configuration baselines).
- Maintain the network-related sections of the System Security Plan, including network diagrams, CUI data-flow diagrams, and enclave boundary documentation, keeping them current with the deployed environment.
- Collect, organize, and deliver assessor-ready evidence artifacts for in-scope network controls (firewall rulesets, VLAN segmentation documentation, ISE authentication/authorization policies, Duo MFA configurations, VPN configurations, Conditional Access policies, logging configurations, change records).
- Remediate network-related assessment findings and POA&M items assigned by the IT Manager, documenting closure with supporting evidence.
- Coordinate with the IT Manager on SPRS scoring inputs, scoping decisions, and configuration changes affecting the assessment boundary; overall CMMC program ownership remains with the IT Manager.
- 5+ years of hands-on network and systems administration experience, including at least 2 years in a Microsoft 365 / Azure environment.
- Hands-on experience administering Cisco ISE (802.1X, profiling, policy sets) and enterprise switching/routing, including VLAN design and network segmentation.
- Experience administering Duo (or comparable MFA platform) and virtualization platforms (VMware vSphere/ESXi, Hyper-V, or Azure IaaS).
- Direct experience implementing or maintaining NIST SP 800-171 or CMMC network-related controls (boundary protection, segmentation, remote access) in a defense-contractor or similarly regulated environment.
- Working knowledge of GCC / GCC High tenancy differences, CUI handling requirements, and DFARS 252.204-7012 obligations.
- Proficiency with Microsoft Entra ID, Intune, Exchange Online administration, and PowerShell scripting.
- Strong documentation skills - able to produce assessor-ready artifacts, network diagrams, and policy/procedure updates without prompting.
- U.S. citizenship and ability to obtain and maintain a government security clearance.
- CMMC Certified Professional (CCP) or Certified CMMC Assessor (CCA) credential, or Registered Practitioner (RP) status.
- Security+ (required within 6 months of hire if not held), plus one or more of: CISSP, CISM, CCNA/CCNP, VCP, AZ-104, SC-300, or MD-102.
- Prior experience as a control owner or interviewed SME through a C3PAO Level 2 assessment.
- Experience with Microsoft Sentinel, Defender Vulnerability Management, Azure Virtual Desktop or Windows 365, and MSP/multi-tenant administration.
- Familiarity with GRC tooling, OSCAL-based documentation, or automated evidence-collection pipelines.
- Primarily on-site in Orlando, FL, with occasional after-hours maintenance windows and on-call rotation participation.
- Initial engagement is a 6-month contract-to-hire term; conversion to permanent employment is contingent on performance and business need and is not guaranteed.
- Position is subject to background investigation and may require drug screening per contract requirements.
- This position works with Controlled Unclassified Information (CUI); adherence to all KFS security policies is a condition of employment.
Knight Federal Solutions provides equal employment opportunities to all qualified individuals without regard to race, color, religion, sex, gender identity, sexual orientation, pregnancy, age, national origin, physical or mental disability, military or veteran status, genetic information or any other protected classification.
group id: 90678720