
Senior CMMC Consultant, Public Sector Advisory
Posted 5 days ago

• Oversee IT system security consultations in both cloud-based and on-premises settings, adhering to CMMC, NIST SP 800-171, NIST SP 800-53, 800-37, DFARS, OMB, and other authoritative IT security directives.
• Independently manage advisory consulting projects, performing leadership tasks such as gap analyses, workshops, and other consulting engagements under the supervision of a delivery owner (senior manager and/or director).
• Lead the creation of System Security Plans and related documentation in line with CMMC and DFARS/NIST standards.
• Prepare, review, update, and maintain IT Security supporting materials.
• Offer IT security guidance to Information System Owners, clients, and project team members.
• Identify information security issues and challenges while researching and developing technical solutions to resolve them.
• Prepare, review, and edit advisory reports.
• Manage project priorities, tasks, and hours alongside the project manager to meet delivery utilization goals.
• Ensure that quality products and services are delivered punctually.
• Escalate client and project issues to management promptly to engage the necessary resources for resolution.
• Mentor team members in areas such as audit preparation, assessment, technical review, and writing.
• Engage with clients throughout the entire process, interacting with various levels within client organizations.
• Build and sustain positive collaborative relationships with clients and stakeholders.
• Commit to ongoing professional development by maintaining industry-specific certifications and a deep understanding of the practice area.
• A minimum of 3 years of experience with government compliance, including CMMC, FISMA, FedRAMP, and DoD RMF.
• Strong familiarity with NIST Special Publications 800-171, 800-30, 800-37, and 800-53.
• Experience executing every phase of the risk management framework (RMF) in the provision of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have secured and maintained full authorization to operate (ATO).
• Proficiency in virtualization or cloud technologies.
• Experience with container-based architectures.
• Background in client-server and traditional on-premises architecture.
• Strong understanding of information security-related solutions, tools, and utilities.
• Bachelor's degree in IT or business from a four-year institution, or a relevant combination of education and experience.
• CMMC Certifications (CCP, CCA, or Lead CCA).
• Optional: Technical cloud certification (AWS, Google, Azure, or similar), CISSP, CISA, CISM, or equivalent credentials.
• Paid parental leave.
• Flexible time off.
• Reimbursement for certification and training.
• Membership for digital mental health and wellbeing support.
• Comprehensive insurance options.