Compliance Manager

About The Position

Requirements

• Technical cybersecurity knowledge
• Audit/compliance experience
• Strong project management skills

Nice To Haves

• Bachelor's Degree, preferably in Cybersecurity, Information Technology or similar field
• Certified CMMC Professional (CCP)
• Certified CMMC Assessor (CCA)
• CISSP (Certified Information Systems Security Professional)
• CISA (Certified Information Systems Auditor)
• CISM (Certified Information Security Manager)
• Other relevant cybersecurity or compliance certifications

Responsibilities

• Lead end-to-end CMMC readiness and certification efforts
• Interpret and implement CMMC requirements across the organization
• Serve as the primary internal owner of all CMMC-related activities
• Develop and maintain: System Security Plan (SSP)
• Develop and maintain: Policies, procedures, and control documentation
• Develop and maintain: Plans of Action & Milestones (POA&M)
• Map organizational controls to NIST SP 800-171 requirements
• Ensure audit-ready documentation and evidence collection
• Prepare for and support third-party assessments (C3PAO audits)
• Act as the primary liaison during audits
• Coordinate internal responses to audit findings
• Conduct gap assessments and risk analyses
• Prioritize and track remediation efforts
• Partner with IT and business units to implement required controls
• Collaborate with IT to ensure proper implementation of: Access controls (MFA, least privilege)
• Collaborate with IT to ensure proper implementation of: Endpoint and network security
• Collaborate with IT to ensure proper implementation of: Logging and monitoring
• Collaborate with IT to ensure proper implementation of: Data protection for Controlled Unclassified Information (CUI)