Job Title: Cybersecurity Advisor – CMMC Compliance
Overview:
We are seeking an experienced Cybersecurity Advisor with a strong focus on CMMC (Cybersecurity Maturity Model Certification) to lead and manage an organization’s efforts to achieve and maintain CMMC certification. This role involves working closely with internal teams and external stakeholders to ensure compliance with cybersecurity standards, enhance the organization’s security posture, and support business continuity. The ideal candidate will have a deep understanding of CMMC requirements, along with expertise in security frameworks, compliance, and risk management.
Key Responsibilities:
CMMC Certification Management:
- Lead the organization through the CMMC certification process from initial assessment to final certification and ongoing compliance.
- Develop and implement a detailed CMMC compliance roadmap, including timelines, resource allocation, and key milestones.
- Ensure that security controls and procedures meet the standards required for each CMMC level (1-3).
Framework Implementation & Policy Development:
- Interpret and apply the CMMC framework, aligning it with existing organizational processes and policies.
- Collaborate with IT, security, and operational teams to implement necessary controls and security measures.
- Develop, review, and maintain cybersecurity policies and procedures to ensure compliance with CMMC and other applicable standards.
Gap Analysis & Remediation:
- Conduct comprehensive gap analyses to identify deficiencies in current security practices relative to CMMC requirements.
- Develop and oversee remediation plans to address identified gaps and ensure timely and effective implementation of corrective actions.
Risk Management & Compliance:
- Identify and assess risks associated with non-compliance with CMMC standards and other relevant frameworks (e.g., NIST 800-171, ISO 27001, DFARS).
- Develop strategies to mitigate risks and ensure compliance with evolving regulatory frameworks.
Training & Awareness:
- Design and deliver training programs to educate employees on CMMC requirements, security policies, and best practices.
- Promote a culture of security awareness within the organization, emphasizing the importance of compliance and risk management.
Internal Audits & Continuous Monitoring:
- Plan and conduct internal audits and assessments to evaluate the effectiveness of security controls and overall CMMC compliance.
- Implement continuous monitoring processes to ensure ongoing compliance with CMMC standards and address any emerging security risks.
Stakeholder Engagement & Reporting:
- Act as the primary point of contact for all CMMC-related matters, liaising with senior management, external auditors, and other relevant parties.
- Prepare and present regular status reports on the progress of CMMC compliance efforts, identifying challenges, gaps, and next steps.
Qualifications:
- Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field (Master’s degree preferred).
- Relevant certifications such as CISSP, CISM, CMMC-AB Certified Assessor, CMMC-CCP, or equivalent.
- Extensive experience in cybersecurity, with a focus on compliance, security frameworks, and regulatory standards.
- Strong understanding of the CMMC framework and its application across various organizational contexts.
- Proven experience in risk management, policy development, and incident response.
- Solid experience in leading or supporting CMMC certification efforts and security audits.
- Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders effectively.
- Strong project management skills, including the ability to manage multiple projects and deadlines efficiently.
Desired Skills:
- Familiarity with other regulatory frameworks such as NIST SP 800-171, ISO 27001, and DFARS.
- Experience working with government contractors and an understanding of the federal contracting process.
- Strong technical background, with experience in implementing security controls and technologies (e.g., cloud security, endpoint protection, vulnerability management tools).
- Ability to adapt to changing regulatory landscapes and evolving organizational needs.
Why Join Us?
- Competitive compensation and benefits package.
- Opportunity to work on impactful cybersecurity projects with a diverse range of clients across industries.
- A collaborative, dynamic work environment with opportunities for professional growth and development.
If you’re passionate about cybersecurity compliance and are ready to lead an organization’s efforts in achieving and maintaining CMMC certification, we’d love to hear from you!