Senior CMMC Certified Professional

Summary

Join TestPros as a part-time CMMC Consultant and leverage your expertise to guide clients through CMMC 2.0 compliance. You will assess organizational readiness, provide certification guidance across levels 1-4, and develop comprehensive compliance roadmaps. Responsibilities include subcontractor oversight, incident reporting, and conducting training sessions. This role requires extensive experience in cybersecurity consulting, specifically with DoD contracts and CMMC implementation, along with relevant certifications. A flexible schedule and competitive hourly rate are offered, along with benefits for full-time employees.

Requirements

• Over 5 years of experience in cybersecurity consulting, specializing in DoD contracts, compliance frameworks (e.g., NIST SP 800-171), and CMMC implementation
• Certified CMMC Professional (CCP)
• Certified CMMC Assessor (CCA)
• Certified DOD CMMC assessor
• Expertise in setting up an authorized CMMC Third Party Assessment Organization (C3PAO)
• Proficient with new CMMC 2.0 requirements and knowledgeable about the Department of Defense's recently released final rule for the Cybersecurity Maturity Model Certification (CMMC) Program
• Experience working with the Defense Industrial Base (DIB) and handling Controlled Unclassified Information (CUI)
• Prior experience developing Plans of Action and Milestones (POA&M) for cybersecurity compliance
• Familiarity with the latest DFARS Clause 252.204-7021 requirements and the implications of the August 2024 CMMC 2.0 updates
• Strong understanding of federal cybersecurity regulations such as DFARS and FISMA
• Proficient in tools like eMASS and ACAS, with extensive knowledge of cybersecurity standards (NIST 800-171, NIST 800-172)
• Excellent written and verbal communication skills, with the ability to translate complex compliance details into clear, actionable guidance for non-technical audiences

Responsibilities

• Assess Organizational Readiness: Evaluate current cybersecurity practices and gaps in relation to the three CMMC 2.0 levels (Foundational, Advanced, Expert)
• CMMC Certification Guidance: Provide expert advice on the steps required to achieve and maintain certifications for Levels 1, 2, 3 and 4. This includes guidance on self-assessments, third-party certifications, and government-led assessments
• Compliance Strategy: Develop a comprehensive roadmap for achieving CMMC compliance, including identifying necessary controls and policies, implementing NIST SP 800-171/800-172 requirements, and addressing Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) security
• Subcontractor Oversight: Assist prime contractors in ensuring that subcontractors meet CMMC certification requirements, implementing a robust supply chain compliance management system
• Incident Reporting & Continuous Compliance: Provide guidance on establishing continuous monitoring and compliance processes, including the rapid reporting of security incidents (72-hour notification) and annual affirmations of compliance
• Training & Awareness: Conduct training sessions for internal teams and contractors to understand the CMMC requirements and how to implement appropriate cybersecurity controls

Preferred Qualifications

Active or recently active DoD security clearance

Benefits

• Competitive hourly rate, based on experience
• Flexible schedule with the possibility of extended contract work
• Medical/dental/vision insurance
• Life insurance
• Paid time off
• Paid holidays
• 401(k) retirement plan with company match
• Opportunities for professional growth
• Cell phone discounts