Description

CMMC Specialist

HIGHLIGHTS
Location:Remote (Phoenix, AZ or Washington, DC)
Position Type: Contract to Hire
Hourly / Salary:BOE
Residency Status:US Citizen

Our client is looking for a CMMC Specialist to join their team!

General Summary:

The CMMC Specialist works closely with key constituents across various departments, Information Technology, Internal Audit, Corporate Cybersecurity Team, and 3rd party audit firms to orchestrate consistent and well-documented processes, standards, and solutions in support of our company's CMMC program. This role oversees our client's CMMC program, other related duties, and the Department of Defense (DoD) CMMC program and DFARs, while working closely with the corporate cybersecurity team to address compliance requirements.

Principal Duties and Responsibilities:

• Lead assigned Information Security projects on behalf of our client to achieve compliance requirements for CMMC at designated of our client's subsidiaries
• Maintain expert-level knowledge of the CMMC framework and changing DFAR rules, including practice requirements and assessment methodologies
• Manage and coordinate activities associated with CMMC security testing/self-assessments
• Define and manage the self-assessment process and deliverables for manager approval
• Proactively maintain up-to-date knowledge of industry trends to enhance skills and abilities and contribute to the development of new or enhanced service offerings
• Develop and maintain security documentation that satisfies the CMMC compliance framework requirements. Security documentation includes but is not limited to: System Security Plan (SSP), Plan of Action & Milestones (POA&M), Configuration Management Plan, Incident Response Plan, Business Continuity and IT Disaster Recovery Plan, Risk Mitigation Plan, and general policy and procedures as needed
• Provide oversight of CMMC programs for all applicable our client's subsidiaries
• Act as a liaison between our client's subsidiaries and external auditors to ensure all auditor requests are completed accurately and in a timely manner
• Provide consultative reviews of security documentation and accompanying remediation or enhancement recommendations
• Special projects as assigned

Job Specifications:

• Minimum of 3 years working with DoD and government regulations
• Experience comprehending, reviewing, and aligning industry best security controls and frameworks i.E., NIST CSF, NIST 800-53, NIST 800-171 to organizational policies, standards, and procedures
• In-depth knowledge and understanding of CUI data flows and secure boundaries
• In-depth knowledge and understanding of regulatory compliance concerns and industry-standard security and risk frameworks
• CISA, CRISC, CISSP, GSEC, or CMMC RPA certifications or higher education is preferable
• Ability to effectively communicate and interact with personnel at all levels
• Good project management and effective time management skills
• Must be capable of delivering a very high level of customer service

"We are GTN -The Go To Network"