Job Description

About the Role 

CMMC Consultants are leaders in the NIST cybersecurity framework who perform assessments of cloud computing technologies for US federal compliance. In this role you will become familiar with the DOD Cybersecurity Maturity Model Certification (CMMC) and become trained and certified by A-LIGN to perform CMMC assessments as a CMMC Certified Professional.

Success in this position requires a strong understanding of IT security-related system controls and of the various testing methods used to ascertain control effectiveness. You will work in a team atmosphere with an experienced Manager, and you’ll be assigned technical engagements to support and ensure client-ready deliverables are provided.

Reports to: Managing Consultant 
Pay Classification: Full-Time  

Job Responsibilities

Responsibilities 
Perform audit testing in accordance with NIST SP 800-171, CMMC Level 1 and Level 2 Assessment Guide, and other authoritative IT security guidance
Validate information system security plans to ensure NIST control requirements are met
Assist in development of Security Authorization Packages and ensure completeness and compliance with CMMC requirements and other authoritative IT security guidance
Collaborate across multiple internal teams to ensure successful delivery of results based on scope of work
Prepare agendas (e.g. planning, fieldwork, closing, etc.) and request lists
Lead client meetings and maintain client relationships
Monitor evidence collection process
Review evidence and provide feedback to clients
Address and respond to client questions
Document evidence in supporting audit leadsheets and workbooks
Communicate engagement status to management, including escalating any potential issues 

Job Requirements

Minimum Qualifications 

EDUCATION 

Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience
Master’s degree is a plus 

EXPERIENCE 

2-3 years of experience in information security or compliance, preferably with the Big 4 or a mid-tier consulting firm
Familiarity with any of the following Security Frameworks (NIST, ISO, COBIT, HIPAA/HITECH, etc.) required
Experience with US government compliance, including FISMA, FedRAMP, RMF, and CSF preferred 

CERTIFICATIONS 

Working towards any of the following: CMMC CCP, CISA, CISSP, or other relevant certifications (e.g. CIPT, CCSK, etc.). 

Location