Compliance Program Manager

Find-posted 3 days ago
Full-time • Mid Level
Hybrid • Herndon, VA
251-500 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

Exostar is seeking a Compliance Program Manager to lead and scale our Cybersecurity Maturity Model Certification (CMMC) service offerings. This role is responsible for overseeing, optimizing, and driving the success of Exostar’s CMMC programs, ensuring customers receive a consistent, high-quality, and compliance-aligned experience. As the primary owner of our CMMC portfolio, you will guide the delivery of readiness assessments, guided support services, managed compliance offerings, and Certification Assistant engagements. You will work cross-functionally to ensure operational excellence, regulatory alignment, and continuous improvement across all CMMC-related services. This position serves as the operational and strategic owner of Exostar’s CMMC services, ensuring they meet regulatory requirements, evolving DoW expectations, and the needs of customers navigating the complex compliance landscape. The Program Manager works closely with cross-functional teams—including Product, Engineering, Security, Customer Success, Sales, and external partners—to maintain service quality, ensure alignment with industry standards, and drive continuous improvement. The ideal candidate brings deep knowledge of NIST SP 800-171, CMMC frameworks, compliance program management, and customer-centric service delivery. They are skilled at orchestrating teams, managing dependencies, tracking outcomes, and adapting programs as regulations and customer needs evolve.

  • Program Leadership & Strategy Own and manage the end-to-end CMMC services portfolio, including readiness programs, advisory support, and any managed compliance services offered by Exostar.
  • Develop and maintain a strategic roadmap for CMMC services aligned with regulatory updates, customer needs, and Exostar’s business goals.
  • Serve as the internal subject matter expert on CMMC program structure, compliance milestones, scoring methodologies, timelines, and DoD expectations.
  • Evaluate and refine service frameworks, pricing models, delivery methodologies, and customer engagement workflows.
  • Service Delivery Management Oversee successful delivery of all CMMC-related customer engagements, ensuring quality, consistency, and adherence to documented processes.
  • Coordinate cross-functionally with Engineering, Product Management, Support, Customer Success, and partner organizations to resolve escalations and ensure smooth execution of CMMC services.
  • Customer Experience & Stakeholder Coordination Act as the primary operational liaison for customers engaged in Exostar’s CMMC services, ensuring they receive timely communication, guidance, and measurable progress.
  • Support sales and customer success teams by providing domain expertise during pre-sales conversations, solution positioning, and service scoping.
  • Compliance Expertise & Continuous Improvement Maintain deep expertise in CMMC, NIST SP 800-171, DFARS 252.204-7012, 7019, 7020, and related compliance frameworks.
  • Track regulatory changes, DoW updates, and ecosystem developments to ensure Exostar’s services remain accurate and relevant.
  • Develop or enhance documentation, process guides, best practices, templates, and knowledge resources for internal teams and customers.
  • Identify opportunities to automate, scale, or enhance CMMC service delivery, working closely with Product teams to recommend improvements.
  • Program Reporting & Governance Track KPIs related to customer progress, adoption, satisfaction, engagement duration, and overall program performance.
  • Prepare monthly/quarterly reporting for leadership, highlighting risks, bottlenecks, and opportunities for improvement.
  • Ensure CMMC services operate in alignment with Exostar’s security, compliance, and quality standards.
  • 6+ years of experience in compliance program management, cybersecurity frameworks, GRC consulting, or a related discipline.
  • Strong knowledge of NIST SP 800-171, CMMC 2.0, and DoW cybersecurity requirements.
  • Bachelor's degree in Computer Science, Information Security, Information Technology or equivalent experience
  • Experience leading cross-functional programs, tracking milestones, and managing service delivery for enterprise customers.
  • Excellent communication skills with the ability to break down complex requirements into clear, actionable guidance.
  • Proven ability to manage multiple concurrent customer engagements or programs.
  • Demonstrated success in process ownership, continuous improvement, and operational standardization.
  • CMMC-related certifications such as CCP, CCA, RP, or similar credentials.
  • Experience working with or within regulated industries such as aerospace & defense, government contracting, or high-trust environments.
  • Familiarity with compliance platforms, GRC tools, readiness assessments, scoring methodologies, and evidence collection workflows.
  • Background in SaaS, cloud services, or cybersecurity product organizations.
  • Experience collaborating with or managing third-party RPOs, C3PAOs, or auditor relationships.
  • We believe in employee development: we promote internally and provide training and educational assistance
  • We provide a fun, engaged workplace, with social and community-building events
  • We offer comprehensive benefits and flexible time off plans
  • Exostar is an Equal Opportunity Employment Employer. The company provides equal employment opportunities to all applicants without regard to race, color, religion, sex, national origin, age, marital status, disability status or genetic information. Exostar is committed to providing equal employment opportunities for all persons in all facets of employment including recruiting, hiring, compensation, promotion, training, benefits, transfers and working conditions.
Track Jobs with Teal

Job Search Resources

Resume Builder
Compliance Manager Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service