Sentinel Blue

• Lead the Service Desk and Infrastructure Engineering teams, ensuring consistent ticket lifecycle management from intake through resolution and post-incident review. • Monitor and improve operational metrics including SLA performance, MTTR, ticket volume trends, escalation rates, patch compliance, backup success, and infrastructure uptime. • Maintain clear escalation paths and ensure appropriate ticket categorization, prioritization, and assignment across support tiers. • Drive the development and enforcement of secure baseline configurations for Windows 11, Windows Server, macOS, Microsoft 365, Azure, and endpoint devices. • Oversee patching, backup, disaster recovery, and environment lifecycle management, ensuring accurate tracking and remediation of failures or exceptions. • Implement and refine ITIL-aligned processes including Incident, Problem, Change, and Knowledge Management frameworks. • Coordinate with peer teams in SOC, Compliance, PMO, and Customer Success to align operational practices with security, regulatory, and customer-facing objectives. • Participate in change management activities, including risk scoring, approval workflows, rollback planning, and impact communication. • Conduct post-incident reviews and root cause analyses, ensuring remediation activities are documented, tracked, and executed. • Maintain operational documentation, SOPs, runbooks, asset inventories, and knowledge base articles to standardize and streamline support. • Manage performance expectations for individual contributors through metrics, coaching, and feedback loops driven by data and SLA adherence. • Identify automation opportunities and drive continual service improvement initiatives that reduce recurring incidents and increase operational efficiency. • Provide regular reports and operational insights to leadership, translating complex technical metrics into clear business narratives.

• Serve as the primary point of contact for clients post-onboarding, ensuring a seamless adoption experience, training, and ongoing support. • Manage incident and issue response by triaging client problems, coordinating escalations, tracking resolution, and providing timely updates and follow-ups. • Build and nurture strong relationships with clients, deeply understanding their business needs and driving their security maturity. • Proactively monitor client satisfaction and solution usage, identifying opportunities to enhance value and expand service adoption. • Facilitate regular client meetings and performance reviews to align with security objectives and compliance requirements. • Collaborate closely across internal teams to ensure smooth delivery of customer requests and timely resolution of issues. • Combine account management, technical support, and customer success strategies to deliver exceptional client experiences. • Track and report key client success metrics, ensuring retention and satisfaction. • Translate customer feedback into actionable insights to improve service delivery, internal processes, and product development.

• Design, build, and maintain automation that integrates SaaS platforms, internal tools, and cloud services across client and internal environments. • Develop and consume REST APIs, including OAuth2 authentication flows, token lifecycle management, and error handling for production-grade integrations. • Write scripts and tooling in PowerShell, Python, and other appropriate languages to automate provisioning, configuration, reporting, and lifecycle tasks. • Build infrastructure-as-code using Terraform or similar frameworks to support repeatable, version-controlled deployments. • Partner with internal teams to identify manual workflows, scope automation opportunities, and deliver solutions that fit how those teams actually work. • Implement automation with appropriate guardrails, including secrets management, least-privilege access, logging, and observability. • Maintain and improve existing automations, including refactoring, documentation, and migration of brittle workflows to more reliable patterns. • Communicate automation designs, integration patterns, and operational guidance clearly to internal teams and stakeholders. • Contribute to platform documentation, standards, runbooks, and architectural diagrams. • Identify opportunities to reduce manual effort, improve consistency, and enhance the operator and engineer experience through automation.

Sentinel Blue is looking for a CMMC Certified Assessor (CCA) to join our Operations team. This role is ideal for someone with a strong attention to detail and a passion for helping organizations meet regulatory and security standards. Our ideal candidate is a clear communicator who can translate technical concepts into plain language, work well with both executives and engineers, and approach compliance with a collaborative mindset. This role will support our clients by reviewing documentation, validating technical configurations, assessing environments against compliance objectives, and helping build repeatable processes that lead to assessment readiness. This is a full-time position that is fully remote. Due to the nature of our work, you must be a U.S. citizen with eligibility for a clearance. No exceptions. A day in the CMMC Certified Assessor role: The CMMC Level 2 Assessor (CCA) will conduct formal CMMC assessments in accordance with the CMMC Assessment Process (CAP), evaluating client environments against the 110 practices in NIST SP 800-171 Rev. 2. On a typical day, the assessor may review System Security Plans (SSPs), analyze Plans of Action & Milestones (POA&Ms), validate technical and administrative controls, and document MET/NOT MET determinations with clear supporting evidence. The assessor will participate in client interviews, review artifacts, and perform evidence validation to determine control implementation and operational effectiveness. They will work closely with internal assessment team members to ensure consistent, defensible results and contribute to the development of assessment documentation and reporting outputs. The role involves engaging with technical and non-technical stakeholders, analyzing enterprise environments, and applying structured assessment methodologies to evaluate compliance posture. The assessor will also maintain alignment with CMMC program requirements, assessment integrity standards, and evolving DoD guidance. Responsibilities: - Communicate with clients through email, chat, meetings, and interviews to gather evidence, clarify processes, and maintain progress visibility on compliance deliverables. - Perform CMMC Level 2 assessments in accordance with the CMMC Assessment Process (CAP), including planning, execution, and documentation activities. - Review and evaluate client implementations of NIST SP 800-171 security requirements across technical, administrative, and operational controls. - Analyze System Security Plans (SSPs), POA&Ms, policies, procedures, and supporting artifacts to determine control implementation status. - Conduct client interviews and walkthroughs to validate the existence and effectiveness of security controls. - Document MET / NOT MET determinations with clear, objective, and defensible rationale aligned to CMMC assessment standards. - Collect, organize, and analyze objective evidence to support assessment conclusions and working papers. - Identify gaps, inconsistencies, and risks in control implementation and communicate findings to the assessment team. - Collaborate with internal assessment team members to ensure consistency in evaluation approach and documentation quality. - Support the development of assessment deliverables, including working papers and input to final assessment reports. - Maintain adherence to CMMC assessment integrity, independence, and quality assurance requirements. What We Can Offer: Sentinel Blue is a young company with a focused mission: We’re bringing enterprise-class cybersecurity to small and medium sized businesses. Frankly, we’re pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we’re always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to build your skills. Further, success in this role can quickly transition into a team leadership role. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference. Requirements: - U.S. citizenship - by nature of our work with the defense industry, all employees must be eligible for a Secret clearance. - Active Certified CMMC Assessor (CCA) certification with active Tier III background clearance - 2-5 years of experience in information security, IT compliance, cybersecurity auditing, GRC, or similar roles. - Practical experience working with CMMC, NIST 800-171, NIST 800-53, DFARS 7012, or NIST RMF in a professional environment. - Demonstrated ability to lead and make decisions on compliance-related matters, including interpreting control intent, assessing evidence, and determining whether control requirements have been met. - Experience reviewing and developing policies, procedures, SSPs, POA&Ms, risk assessments, or similar compliance documentation. - Working knowledge of technical environments such as IAM, endpoint protection, logging/monitoring, vulnerability management, segmentation, and backup/recovery strategies. - Strong written and verbal communication skills, especially when translating technical information into actionable compliance guidance. - Ability to work independently, manage multiple client tasks, and follow structured workflows to drive compliance activities to timely completion. - Ability to interpret control intent, analyze evidence, and evaluate whether technical or procedural safeguards meet compliance objectives. Desired Qualifications: - Experience working with or supporting a C3PAO - Experience working in a multi-client consulting or managed services environment. Prior work supporting multiple organizations simultaneously is highly valued. - Familiarity with Azure Government and Office 365 GCC High environments, including their unique compliance and security requirements. - Practical understanding of security and compliance policies such as least privilege, RBAC, audit logging, configuration baselines, change management, and endpoint protection. - Experience in a client-facing professional role, whether in IT, compliance, consulting, audit support, or similar fields. - Strong knowledge of cloud-first architecture and securing environments built in Azure or Microsoft 365. - Experience with related frameworks such as NIST 800-53, FedRAMP, ISO 27001, CIS Controls, or SOC 2. - Demonstrated passion for learning and professional growth. - Bachelor’s or Master's degree in Cybersecurity, Information Systems, Computer Science, Business, or a related field. - Additional certifications: - CISSP - CISA Benefits: - Fully paid individual healthcare, vision and dental insurance for the employee. - Paid certification and training opportunities. - Three weeks of paid vacation + 10 paid holidays. - A supportive environment with a focus on keeping healthy work-life balance. - Retirement benefit (401k) with company match.

• Coordinate end-to-end procurement processes for hardware, software, licensing, and services. • Work with internal teams to gather requirements, validate requests, and ensure accurate ordering. • Obtain quotes, place orders, and track fulfillment with vendors to ensure timely delivery. • Coordinate shipping, delivery, and tracking of hardware and related equipment. • Coordinate with vendors and support ongoing relationships, including communication and issue resolution. • Support software licensing procurement, renewals, and tracking. • Maintain accurate records of orders, licenses, warranties, and vendor agreements. • Monitor upcoming renewals and expirations to help ensure continuity of services. • Collaborate with finance and billing teams to support alignment between procurement and invoicing. • Support and help coordinate a small team, including device deployment and related activities. • Assist with inventory tracking, logistics coordination, and device lifecycle support as needed.

About Sentinel Blue: Sentinel Blue is a values-driven Managed Security Service Provider (MSSP) committed to safeguarding our clients within the defense industrial base and broader government contracting community. Founded on trust and a relentless pursuit of excellence, our mission is to deliver scalable, comprehensive cybersecurity solutions that empower our partners to achieve long-term sustainability, regulatory compliance, and business success. Position Overview: We are seeking a highly organized, proactive Executive Assistant to support our leadership team and help drive operational efficiency across the organization. This individual plays a critical role in enabling leadership to stay focused on high-impact priorities by ensuring seamless coordination, clear communication, and effective day-to-day support. The ideal candidate thrives in a fast-paced environment, anticipates needs before they arise, and excels at keeping information, schedules, and workflows structured and on track while maintaining a high level of professionalism and discretion. This is a full-time position that is fully remote. Due to the nature of our work, you must be a U.S. citizen with eligibility for a clearance. No exceptions. A Day in the Life of an Executive Assistant Role: The Executive Assistant starts their day by aligning on leadership priorities, active initiatives, and any pressing needs across the organization, quickly identifying where support is needed most—whether that’s preparing for key discussions, following up on outstanding items, or helping keep day-to-day operations running smoothly. Throughout the day, they act as a central hub for communication and coordination, ensuring information flows seamlessly between leadership, internal teams, and external partners while capturing key insights, tracking action items, and driving accountability so decisions turn into progress. They play a critical role in keeping the business organized and efficient by supporting internal communications, maintaining clear documentation, and assisting with meeting preparation, planning, and administrative support, all while adapting quickly as priorities evolve to remove friction and keep leadership focused. By the end of the day, they have helped create structure, clarity, and momentum across the organization, ensuring leadership is supported, teams are aligned, and operations continue to run effectively. Responsibilities: • Provide comprehensive administrative support to executive leadership, including calendar management, meeting coordination, and travel arrangements • Prepare, organize, and distribute meeting materials, agendas, and notes, ensuring leadership is fully prepared for internal and external meetings • Attend meetings and calls as needed to capture key discussion points, track action items, and ensure follow-up on important decisions and tasks • Coordinate scheduling across leadership, internal teams, and external partners to ensure efficient use of executive time and alignment across departments • Assist with planning and logistics for company initiatives, events, leadership meetings, and strategic planning sessions • Maintain organized documentation, reports, and records to support executive decision-making and operational continuity • Support internal communication by drafting emails, announcements, and other correspondence on behalf of leadership when appropriate • Help track priorities, projects, and deadlines for executives, ensuring key initiatives stay organized and on schedule • Assist with administrative tasks such as expense tracking, document preparation, data entry, and general office coordination • Act as a liaison between executives and internal teams, helping ensure requests, updates, and information flow smoothly across the organization Requirements: • U.S. citizenship • 1–3 years of experience in an administrative, executive assistant, or coordination-focused role, preferably within a technology or professional services environment • Strong organizational and time management skills, with the ability to handle multiple priorities and shifting demands • Excellent written and verbal communication skills, with the ability to draft clear, professional correspondence • High level of attention to detail and ability to maintain accuracy across documentation, scheduling, and follow-ups • Ability to work independently in a remote environment while staying aligned with leadership and team priorities • Proficiency with Microsoft 365 tools, including Outlook, Teams, and other collaboration platforms Desired Qualifications: • Experience working in a managed service provider (MSP) or similar fast-paced, client-focused environment • Familiarity with IT, cybersecurity, or compliance-driven organizations (e.g., CMMC, NIST, or government contracting environments) • Experience supporting executive leadership in a remote or distributed organization • Experience with documentation, note-taking, and maintaining organized records or internal knowledge bases (e.g., Confluence or similar tools) Benefits: • Fully paid individual healthcare, vision and dental insurance for the employee. • Paid certification and training opportunities. • Three weeks of paid vacation + 10 paid holidays. • A supportive environment with a focus on keeping healthy work-life balance. • Retirement benefit (401k) with company match.

• Independently resolve complex incidents within Service Desk scope, owning tickets end-to-end with strong documentation and verification. • Provide escalation support to Analyst I staff and ensure escalations meet SOP standards, including clear context, troubleshooting steps performed, urgency, and client impact. • Troubleshoot advanced identity, access, and authentication issues, including Entra ID and more complex SSO scenarios. • Execute Intune work within defined guardrails, including configuration changes and remediation aligned to SOP and change control processes. • Support more advanced networking-related tickets beyond Analyst I basics within defined scope and standards. • Perform limited implementation and project work aligned to SOP, validating outcomes and documenting results. • Submit change requests when required and execute approved changes within scope, including validation and rollback awareness. • Contribute to post-incident follow-up and structured root cause analysis for material incidents and recurring issues, with a focus on prevention. • Produce and maintain troubleshooting guides, SOPs, and Confluence knowledge base articles used by Analyst I and II staff. • Use automation to reduce repeat work, including adapting existing scripts and leveraging RMM workflows; may also write limited PowerShell or Microsoft Graph automation when appropriate. • Maintain audit-ready ticket records with traceability, identity verification, authorization chains, and documented change activity where required. • Mentor Analyst I staff through coaching, ticket review, and reinforcement of documentation and escalation standards.

• Work closely with marketing leadership and collaborate across teams to ensure content consistently reinforces Sentinel Blue’s brand and position as a trusted advisor, helping defense contractors strengthen cybersecurity maturity and navigate compliance with confidence. • Research developments across the CMMC ecosystem, DoD cybersecurity policy, and the broader GovCon cybersecurity landscape, identifying opportunities for Sentinel Blue to contribute timely and authoritative insights. • Develop and publish thought leadership content that strengthens Sentinel Blue’s voice within the Defense Industrial Base, translating complex cybersecurity and compliance topics into clear, engaging insights. • Collaborate with subject matter experts, assessors, engineers, and leadership across the organization to transform technical expertise into compelling narratives and educational content that drive curiosity and deeper understanding. • Coordinate and manage webinar logistics, including scheduling, speaker preparation, platform setup, and supporting content, while assisting with executive thought leadership initiatives such as podcasts and industry discussions through research and content development. • Create content across multiple formats, including written articles, podcasts, short-form video, and other digital formats. • Support and contribute to Sentinel Blue’s social media presence, adapting content for platforms such as LinkedIn to amplify thought leadership and engage the Defense Industrial Base community. • Contribute to editorial calendars and content planning, ensuring consistent publication aligned with Sentinel Blue’s strategic priorities and supporting marketing campaigns, events, and go-to-market initiatives. • Support multimedia initiatives by researching platforms, coordinating recording logistics, and managing technical setup, ensuring podcast, webinar, or video content is ready for recording, light editing, and distribution.

• Handle Entra ID administration and cloud identity tasks, including tenant configuration and common identity integrations. • Assist with Conditional Access and other policy work within established patterns. • Administer Microsoft 365 services (Exchange, SharePoint, OneDrive, Teams) and tenant configuration tasks. • Configure Intune device management tasks tied to cloud service delivery (profiles, compliance, baseline enforcement). • Contribute to Azure work under guidance, including VMs, storage, networking, and AVD within established designs. • Implement approved changes via Change Requests, including validation and clear documentation of outcomes. • Use existing RMM automation and tooling; write small task-level scripts when appropriate. • Execute patch management and lifecycle workflows within standards, including remediation work under guidance. • Maintain strong operational hygiene in tickets, notes, and documentation; create new KBs/runbooks/SOPs when gaps are found. • Participate in client calls as needed for troubleshooting, change discussions, and project work.

• Own Entra ID and cloud identity work across client environments, including integrations and authentication flows. • Design and implement Conditional Access patterns, MFA posture, and break-glass access approaches within standards. • Lead Microsoft 365 workstreams, including tenant configuration improvements and governance-related implementations. • Own Azure delivery work within the approved stack (VMs, storage, networking, AVD), including troubleshooting and remediation. • Lead projects end-to-end, including rollout planning, rollback planning, validation, and closure. • Regularly create SOPs, runbooks, KBs, and diagrams that improve delivery and supportability. • Build and improve reusable automation (PowerShell, Graph, workflow tooling) and refine existing patterns. • Drive permanent fixes for recurring issues and reduce repeat incidents through standards, documentation, and automation. • Participate in client calls as needed and communicate clearly about status, risks, and next steps.