Information Security Advisor III (CMMC)

About The Position

Requirements

• Master’s degree in Cybersecurity, Information Technology, or a related field preferred.
• 7+ years of experience in cybersecurity advisory, compliance, or risk management roles, with demonstrated experience supporting CMMC‑related readiness or assessor‑adjacent activities.
• CMMC Certified Assessor (CCA) credential required. This role exclusively supports CMMC advisory and readiness engagements.
• Expert‑level ability to explain complex technical and regulatory concepts in writing and verbally to diverse audiences.
• Demonstrated experience leading client conversations, influencing decision‑making, and fostering trust through clear communication and strategic insight.
• Experience applying formal assessment methodology and evidence evaluation rigor in a non‑certification, advisory context.
• Experience with CMMC and supporting frameworks, including NIST SP 800‑171, as well as related standards such as ISO, FedRAMP, GovRAMP, HIPAA, PCI, and SCF.

Responsibilities

• Lead and oversee complex CMMC advisory and readiness engagements, serving as the primary subject matter expert and escalation point for CMMC‑related client and internal inquiries.
• Conduct advanced CMMC readiness evaluations, gap analyses, and compliance assessments using assessor‑informed methodology to evaluate implementation maturity and preparedness for CMMC Level 1 and Level 2 requirements, without performing formal certification assessments.
• Develop, review, and approve CMMC‑related documentation, including policies, procedures, implementation narratives, evidence mappings, remediation plans, and readiness artifacts, ensuring accuracy, completeness, and alignment with CMMC expectations and supporting standards such as NIST SP 800‑171.
• Mentor, guide, and provide technical oversight to junior advisors supporting CMMC engagements, contributing to knowledge transfer, skill development, and overall team effectiveness.
• Lead and facilitate client advisory meetings, executive briefings, interviews, and readiness workshops, clearly communicating CMMC requirements, assessment expectations, and technical concepts to both technical and non‑technical audiences.
• Collaborate cross‑functionally with consulting, advisory, PMO, and program leadership teams to ensure alignment on CMMC engagement objectives, deliverables, and service quality.
• Identify opportunities for operational, methodological, or engagement‑level improvements and contribute to the refinement of CMMC advisory processes, standards, templates, and client‑facing materials.
• Ensure all advisory deliverables meet established quality standards, contractual requirements, organizational policies, and ethical boundaries related to non‑C3PAO advisory services.
• Maintain current knowledge of evolving CMMC requirements, assessment guidance, DoD policy updates, and industry best practices to inform advisory guidance and recommendations.

Benefits

• Medical coverage, including employer match program for Health Savings Accounts (HSAs)
• Generous 401k retirement plan with employer match
• Dependent Care Flexible Spending Account (DCFSA)
• Employee Assistance Program (EAP) with unlimited usage and visits and wellness program
• Dental and Vision insurance
• Company-sponsored life insurance, with options for additional coverage
• Short- and Long-Term Disability (STD and LTD) benefits
• Pet insurance
• Maternity, Paternity, and Military benefits
• Baby on Board program
• Paid Time Off package
• Company Anniversary Bonus program
• Professional Development opportunities, including Young Professional Series, Manager Focus series, Cyber Security panels and briefs, and more
• A+ rated HQ office full of amenities including fitness center, rec room, coffee bars, bike room, café, auditorium, private Mother’s room, and more