CMMC Consultant

About the Role 

CMMC Consultants are leaders in NIST cybersecurity framework who bring deep knowledge of client engagement and practice management. Using your strong experience with NIST you will support and lead teams to perform assessments for cloud computing technologies in meeting federal compliance. 

This role is specific to assessors familiar with the DOD Cybersecurity Maturity Model Certification (CMMC), and are certified to perform CMMC assessments as a CMMC Certified Professional. 

Success in this position, requires a strong understanding of CMMC, NIST 800-171, security-related system controls and of the various testing methods used to ascertain control effectiveness. You will work in a team atmosphere with an experienced Manager, and you’ll be assigned technical engagements to lead or support and ensure client-ready deliverables are provided. 

Reports to

Managing Consultant 

Pay Classification

Full-Time  

Responsibilities 

• Perform audit testing in accordance with NIST SP 800-171, CMMC Level 1 and Level 2 Assessment Guide, and other authoritative IT security guidance
• Validate information system security plans to ensure NIST control requirements are met
• Assist in development of Security Authorization Packages and ensure completeness and compliance with CMMC requirements and other authoritative IT security guidance
• Collaborate across multiple internal teams to ensure successful delivery of results based on scope of work
• Prepare agendas (e.g. planning, fieldwork, closing, etc.) and request lists
• Lead client meetings and maintain client relationships
• Monitor evidence collection process
• Review evidence and provide feedback to clients
• Address and respond to client questions
• Document evidence in supporting audit leadsheets and workbooks
• Communicate engagement status to management, including escalating any potential issues 

Minimum Qualifications 

EDUCATION 

• Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience
• Master’s degree is a plus 

EXPERIENCE 

• Familiarity with any of the following Security Frameworks (NIST, ISO, COBIT, HIPAA/HITECH, etc.) required
• Experience with US government compliance, including FISMA, FedRAMP, RMF, and CSF preferred 

CERTIFICATIONS 

• Must have CMMC Certified Practitioner (CCP)
• PMP is a plus 

SKILLS 

• Ability to meet deadlines with a high degree of motivation working in a fast-paced environment
• Ability to lead multiple assessment engagements  
• Excellent communication skills to include the ability to explain technical matters to a non-technical audience
• Broad IT background with technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle 

Benefits  

• Healthcare, Dental, and Vision Benefits
• EAP - Employee Assistance Program
• Competitive Bonus Structure
• Home Office Reimbursement
• Technology Allowance
• Certification Reimbursement
• Public Transportation Card
• Multisport Card
• Personalized Career Coaching
• Generous Paid Time Off
• Paid Office Closure December 24-January 1
• Summer Hours

About A-LIGN 

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com

Come Work for A-LIGN! 

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.  
A-LIGN is an Equal Opportunity Employer. 

The personal data you provide to us is processed by A-LIGN Bulgaria. Your personal data is shared with employees of A-LIGN, and the candidate data retention period is 6 months. You have the right to obtain information about the processing of your personal data. In addition, you have the right to correct, to block, and to delete your data in accordance with the local laws and regulations. For more information you can visit A-LIGN’s Job Ads Privacy Policy.