Staff Security & Compliance Engineer- M365 GCCH/ CMMC
ServiceNow is seeking a Staff Security & Compliance Engineer to lead the technical design, implementation, and ongoing security operations of a Microsoft 365 GCC High environment supporting Controlled Unclassified Information (CUI). This role is critical in ensuring compliance with CMMC Level 2, DFARS 7012, and NIST 800-171 controls, with a target certification date of May 2026. The engineer will collaborate closely with Security, Legal, and IT teams to maintain audit readiness and successful certification.
Key responsibilities include leading the design and deployment of the GCC High tenant, defining secure architectures for various Microsoft services such as Entra ID (Azure AD), Exchange Online, SharePoint/OneDrive, Teams, Intune, Defender Suite, and Purview Compliance. The role also involves establishing Zero Trust and least-privilege administrative models, designing CUI boundary protections, and implementing compliance measures like MFA/Conditional Access, device compliance, logging/monitoring, DLP, and incident response workflows. Additionally, the engineer will manage security baselines, oversee incident investigations, and drive continuous improvement of controls.
The ideal candidate will have 6–10+ years of experience in Microsoft 365/Azure security engineering, with hands-on implementation of GCC High or FedRAMP/DoD environments. Direct experience with CMMC or NIST 800-171 control implementation, Intune & endpoint security, Entra ID Conditional Access/PIM, Defender suite, and Purview (DLP/eDiscovery/Insider Risk) is required. Strong technical documentation skills and experience preparing for security audits or assessments are also essential. U.S. citizenship or permanent residency is required for GCC High/CUI access.
ServiceNow offers a competitive base salary ranging from $131,600 to $230,300, along with equity (when applicable), variable/incentive compensation, and comprehensive benefits. The company fosters a collaborative and innovative culture, providing opportunities for professional growth and development in a dynamic environment.