Key skills
AWSAzureCloudCyber SecurityGoogle Cloud PlatformGCPGoogle CloudProject ManagementCommunicationSales
About this role
Role Overview
- Leveraging industry and technical expertise to assess risks and control implementation associated with client environments handling CUI.
- Leading or supporting all phases of CMMC assessment delivery including scoping, planning, evidence collection, testing, analysis, and reporting.
- Managing client interactions across multiple levels including executives, security teams, and system owners.
- Managing multiple concurrent client engagements including timelines, deliverables, and quality of work.
- Documenting assessment results with clear, defensible rationale aligned to assessment objectives.
- Evaluating control implementation across cloud and hybrid environments including AWS, Azure (Commercial, GCC, GCCH), and GCP.
- Reviewing workpapers, testing results, and draft reports to ensure completeness, accuracy, and consistency.
- Maintaining strict assessor independence while providing practical insight into control gaps and deficiencies.
- Supporting internal quality assurance processes and adherence to C3PAO requirements.
- Coaching and developing junior team members.
- Assisting with business development and growth of the CMMC practice as needed.
- Approximately 20–30% travel time required.
- Leading internal initiatives as necessary.
Requirements
- Active CMMC Certified Assessor (CCA) designation required.
- 5+ years of experience in cybersecurity assessment, audit, or compliance.
- Experience with NIST SP 800-171, NIST SP 800-53/RMF, or ISO 27001/2.
- Experience conducting or supporting formal (external) assessments such as CMMC, FedRAMP/GovRAMP, NIST 800-53, ISO 27001/2.
- Hands-on experience with cloud environments including AWS, Microsoft Azure (including GCC and GCCH), and Google Cloud Platform.
- Strong communication skills; verbal and written, with the ability to produce clear and defensible assessment documentation.
- Flexible, self-starter with the ability to operate in a fast-paced environment and manage multiple engagements simultaneously.
- Ability to interact with various levels of client and firm management.
- Ability to lead or support engagement teams, review work, and manage client relationships.
- Ability to train and develop team members.
- Ability and desire to assist with sales and growth of the practice.
- Strong project management skills including managing multiple clients and delivery timelines concurrently.
- 5+ years of experience in IT auditing, cybersecurity, or consulting.
- Undergraduate degree in Cybersecurity, Information Systems, Computer Science, or related field.
- Relevant industry certifications (e.g., CISSP, CISM, CISA) preferred.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
Benefits
- Medical, Dental, and Vision Insurance on the first day of employment
- Flexible Spending Account and Dependent Care Account
- 401k with Profit Sharing
- 9+ holidays and discretionary time off structure
- Parental Leave – coverage for both primary and secondary caregivers
- Tuition Assistance Program and CPA support program with cash incentive upon completion
- Discretionary incentive compensation based on firm, group and individual performance
- Incentive compensation related to origination of new client sales
- Top rated wellness program
- Flexible working environment including remote and hybrid options