CMMC/Quality Manager

Nottingham Spirk•Cleveland, OH

7h•$130,000 - $187,500

About The Position

Nottingham Spirk is adding an exciting, hands-on opportunity for an experienced CMMC/NIST/quality professional. About Us Nottingham Spirk is a Cleveland, Ohio-based, design services consultancy. Founded in 1972, Nottingham Spirk (NS) helps corporate innovators grow their businesses by partnering with them from design to delivery, to create remarkable product innovations, medical devices, consumer product packaging, and more. With every discipline needed for your project in-house, we help our client-partners disrupt their industries, improve the lives of consumers, and change the world. With 1,500 issued patents and counting – and a 95% commercialization rate – the things we create make it to market. Position Summary: We are seeking an experienced and highly skilled CMMC/Quality Manager to join our dynamic team. The ideal candidate will have a strong background in leading, developing, documenting, and executing compliance and quality strategies for industry standards especially CMMC and NIST 800-171. This role bridges quality management, IT networking knowledge, and information security compliance, ensuring that products, systems, and processes meet customer, regulatory, and organizational expectations. The CMMC/Quality Manager works cross-functionally with Engineering, IT, Operations, Program Management, and external partners to implement robust quality systems, support secure data handling, and maintain a continuous-improvement culture.

Requirements

Education: Bachelor’s degree in Engineering, Quality, Information Technology, Cybersecurity, or a related field.
Experience: Minimum 7 years of experience in compliance/quality management or quality engineering.
Direct experience implementing or maintaining NIST SP 800-171 and CMMC policies and procedures.
Due to compliance with U.S. export control laws and regulations, candidate must be a U.S. Person, which is defined as, a U.S. citizen, a U.S. permanent resident, or have protected status in the U.S. under asylum or refugee status.
Skills: Working knowledge of networking concepts (e.g., firewalls, VLANs, access control, encryption, endpoint security).
Excellent documentation, communication, and leadership skills.
Demonstrated experience in influential leadership across multiple teams.
Ability to teach audit participation techniques.
Knowledge of DoW contracting requirements and cybersecurity regulations.
Experience with compliance and quality management tools (e.g., Drata, control plans).

Nice To Haves

Preferred experience with ISO-9001, AS9100, and ISO-13485 quality systems, but not required.
Demonstrated success leading audits, investigations, and process-improvement projects.
Certification: Security+, DoW Cybersecurity, CISA, or similar.
Experience within product development, engineering services, or technology environments.
Any Microsoft Certifications or GCC High familiarity
Familiarity with secure product development practices or controlled information workflows.

Responsibilities

Oversee implementation and ongoing adherence to NIST SP 800-171 controls related to the protection of Controlled Unclassified Information (CUI).
Collaborate with IT Networking teams and Managed Services Partner (MSP) to assess cybersecurity posture and implement required safeguards.
Maintain documentation including SSP (System Security Plan), POA&M (Plan of Action & Milestones), incident response procedures, and audit records.
Lead preparation for Dept of War or customer compliance assessments, including CMMC readiness and assessments.
Train personnel on security practices, data-handling requirements, and quality-related compliance procedures.
Maintain knowledge of most current updates in NIST and CMMC requirements and develops plans for updating NS policies, procedures and artifacts accordingly.
Develop, document, implement, and maintain the company’s Quality Management System (QMS).
Create, refine, and enforce quality and compliance policies, standard operating procedures, and documentation controls.
Lead internal and external quality audits; coordinate corrective and preventive actions (CAPA).
Track and analyze compliance and quality metrics; drive data-based improvements across the organization.
Oversee supplier compliance, quality, incoming inspections, non-conformance management, and root-cause analysis.
Work closely with networking/IT teams to ensure that systems impacting quality or compliance are properly configured, monitored, and secured.
Understand network diagrams, data flows, and system interactions relevant to quality systems and CUI management.
Evaluate and validate technical controls such as access management, system hardening, logging, and encryption to ensure alignment with NIST requirements.
Support validation of connected systems used in development, testing, or data collection.
Lead cross-functional problem-solving initiatives and process improvements.
Compliance planning for implementation of new technologies including AI tools.
Mentor and guide team members on quality principles, documentation, and compliance requirements.
Serve as the primary quality and compliance liaison to customers, suppliers, and regulatory bodies.
Facilitate communication between engineering, operations, IT teams, and executive leadership.
Support medical, aviation, automotive or other compliance standards as required by non-DoW clients.