CMMC Consultant

Summary

Join A-LIGN as a CMMC Consultant and become a leader in NIST cybersecurity framework assessments for cloud computing technologies. You will gain expertise in the DOD Cybersecurity Maturity Model Certification (CMMC) and become A-LIGN certified. Success requires a strong understanding of IT security and testing methods. You will collaborate with a team, manage client engagements, and ensure high-quality deliverables. The role involves performing audits, validating security plans, assisting in package development, and leading client meetings. A-LIGN offers a dynamic work environment and opportunities for professional growth.

Requirements

• Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience
• 2-3 years of experience in information security or compliance, preferably with the Big 4 or a mid-tier consulting firm
• Familiarity with any of the following Security Frameworks (NIST, ISO, COBIT, HIPAA/HITECH, etc.) required
• Working towards any of the following: CMMC CCP, CISA, CISSP, or other relevant certifications (e.g. CIPT, CCSK, etc.)
• Ability to meet deadlines with a high degree of motivation working in a fast-paced environment
• Ability to lead multiple assessment engagements
• Excellent communication skills to include the ability to explain technical matters to a non-technical audience
• Broad IT background with technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle

Responsibilities

• Perform audit testing in accordance with NIST SP 800-171, CMMC Level 1 and Level 2 Assessment Guide, and other authoritative IT security guidance
• Validate information system security plans to ensure NIST control requirements are met
• Assist in development of Security Authorization Packages and ensure completeness and compliance with CMMC requirements and other authoritative IT security guidance
• Collaborate across multiple internal teams to ensure successful delivery of results based on scope of work
• Prepare agendas (e.g. planning, fieldwork, closing, etc.) and request lists
• Lead client meetings and maintain client relationships
• Monitor evidence collection process
• Review evidence and provide feedback to clients
• Address and respond to client questions
• Document evidence in supporting audit leadsheets and workbooks
• Communicate engagement status to management, including escalating any potential issues

Preferred Qualifications

• Master’s degree is a plus
• Experience with US government compliance, including FISMA, FedRAMP, RMF, and CSF preferred