About the Role
CMMC Consultants are leaders in NIST cybersecurity framework who perform assessments for cloud computing technologies in meeting US federal compliance. In this role you will become familiar with the DOD Cybersecurity Maturity Model Certification (CMMC), and become trained and certified by A-LIGN to perform CMMC assessments as a CMMC Certified Professional
Success in this position, requires a strong understanding of IT security-related system controls and of the various testing methods used to ascertain control effectiveness. You will work in a team atmosphere with an experienced Manager, and you’ll be assigned technical engagements to support and ensure client-ready deliverables are provided.
Reports to: Managing Consultant Pay Classification: Full-Time Responsibilities
- Perform audit testing in accordance with NIST SP 800-171, CMMC Level 1 and Level 2 Assessment Guide, and other authoritative IT security guidance
- Validate information system security plans to ensure NIST control requirements are met
- Assist in development of Security Authorization Packages and ensure completeness and compliance with CMMC requirements and other authoritative IT security guidance
- Collaborate across multiple internal teams to ensure successful delivery of results based on scope of work
- Prepare agendas (e.g. planning, fieldwork, closing, etc.) and request lists
- Lead client meetings and maintain client relationships
- Monitor evidence collection process
- Review evidence and provide feedback to clients
- Address and respond to client questions
- Document evidence in supporting audit leadsheets and workbooks
- Communicate engagement status to management, including escalating any potential issues
Minimum Qualifications
EDUCATION
- Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience
- Master’s degree is a plus
EXPERIENCE
- 2-3 years of experience in information security or compliance, preferably with the Big 4 or a mid-tier consulting firm
- Familiarity with any of the following Security Frameworks (NIST, ISO, COBIT, HIPAA/HITECH, etc.) required
- Experience with US government compliance, including FISMA, FedRAMP, RMF, and CSF preferred
CERTIFICATIONS
- Working towards any of the following: CMMC CCP, CISA, CISSP, or other relevant certifications (e.g. CIPT, CCSK, etc.).
SKILLS
- Ability to meet deadlines with a high degree of motivation working in a fast-paced environment
- Ability to lead multiple assessment engagements
- Excellent communication skills to include the ability to explain technical matters to a non-technical audience
- Broad IT background with technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle
Benefits
- Generous Paid Time Off Plan
- Virtual Employment
- Employer Paid Life Insurance and Disability Insurance
- Paid Office Closure December 25-January 1
- Paid Holidays Schedule
- Certification Reimbursement
About A-LIGN
A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com
Come Work for A-LIGN!
Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn
A-LIGN is an Equal Opportunity Employer! Minorities, women, disabled, and veterans encouraged to apply
