CMMC Compliance Manager

Title: CMMC Compliance Manager

Beryllium InfoSec Inc. is seeking accomplished cybersecurity professionals who understand the strategic needs of businesses and are committed to help advise, strategize, implement and manage the compliance requirements of CMMC, DFARS 252.204-7012, 7019, 7020 & NIST SP 800-171.

Since 2018, Beryllium and our Cuick Trac® solution, have been supporting organizations within the Defense Industrial Base (DIB) in their cybersecurity compliance programs. As we continue to grow within a drastically evolving marketing, we are investing in highly skilled and driven people to bring our company to the next level. We are seeking individuals with a proven track record of meeting short term and long-term strategic objectives, as well as advising clients in achieving compliance initiatives. Previous history of success working with small-to-medium businesses is preferred.

You’ll be joining a team that is dynamic, knowledgeable, and focused on executing our overall growth strategy. We believe in an energetic and positive work environment, and a realistic work/life balance. We remain intent on our mission to ensure that organizations have the best, practical and affordable secure virtual enclave in order to meet their cybersecurity compliance requirements.

Position Summary:

Assess and advise NIST 800-171 & CMMC implementation of Cuick Trac® clients, while creating and managing strategic compliance road maps based upon existing and emerging cybersecurity standards, to empower clients to grow their business while maintaining DFARS and CMMC compliance. The ideal candidate will have experience and knowledge of working within NIST SP 800-171, DFARS and CMMC requirements, specific to Controlled Unclassified Information (CUI), Covered Defense Information (CDI), Covered Technical Information (CTI) and Export Controlled Data.

Essential Duties and Responsibilities: (Other duties may be assigned)

• Perform security assessments, risk assessments, implementation reviews, and provide the following deliverables:
• Generate System Security Plan (SSP) & Plan of Actions and Milestones (POAM)
• Create, update and advise on score to be entered in to SPRS
• Review or create client policy and procedure documents
• Provide remediation guidance and advisory for client to meet NIST 800-171, CMMC Level 2, DFARS and Export Controlled Data requirements by delivering the following:
• Boundary & Scoping Diagrams
• Incident Response Plan and Testing Exercise
• Data and User Flow Data Management Plan
• Annual Compliance Reviews
• Government Contract Reviews
• Create and Validate Customer Inheritance & Responsibility Matrix
• Physical Security Remediation Advisory
• Administration of Governance Risk and Compliance (GRC) Tool
• Skills/Experience:

To perform this job successfully, an individual should have knowledge of:

• 2-4 years of customer facing experience with NIST 800-53, 800-171, CMMC, NIST Risk Management Framework
• DFARS 252.204-7012, 7019 & 7020
• Experience with Firewalls, SIEM tools, vulnerability management, MFA, Anti-virus, DLP and other information security tools
• Risk assessment and security assessment processes, tracking and remediation of issues identified in audits or assessments.
• DoD Cybersecurity policy and governance-best practices and future trends
• POA&M management
• Working knowledge of operating systems and security applications
• Working knowledge of basic network protocols, tools and infrastructure
• Microsoft Office Products

Certificates and Licenses:

The following certifications are representative of the preferred certifications: CISSP, CISM, CMMC RP, CMMC RPA, CMMC CCP, CMMC CCA, and Azure certifications

Supervisory Responsibilities:

This position has no supervisory responsibilities.

Work Environment:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Benefits:

We value our employees time and efforts. Our commitment to your success is enhanced by our competitive annual salary, an extensive benefits package including paid time off, medical, dental and vision benefits, 401K plan and future growth opportunities within the company. Plus, we work to maintain the best possible environment for our employees, where people can learn and grow with the company. We strive to provide a collaborative, creative environment where each person feels encouraged to contribute to our processes, decisions, planning, and culture.

Job Type: Full-time

Work Location: Remote