Information Security Compliance Manager

Re:Build Manufacturing, Framingham, MA

About The Position

Re:Build Manufacturing is a growing family of industrial and engineering businesses focused on revitalizing US manufacturing through enabling technologies, operational superiority, and strategic M&A. The company deploys deep expertise in engineering, operations management, and technology to supercharge the performance of its member companies. Re:Build aims to pioneer a profitable model for the revitalization of US manufacturing, leveraging a powerful set of complementary capabilities and lines of business across a wide range of end markets, including aerospace, defense, mobility, healthcare, pharma, biotech, clean tech, chemicals, energy, lifestyle, food production, and industrial equipment.

This role serves as the primary technical authority on the Cybersecurity Maturity Model Certification (CMMC) framework, leading Re:Build’s cross-functional compliance efforts. This includes maintaining the existing Level 2 certification and expanding it to include new business units, encompassing CUI scoping, internal gap and mock assessments, control implementation, training, documentation, and certification assessment. The position is instrumental in sustaining and expanding CMMC certification, ensuring that all NIST SP 800-171 technical, administrative, and physical controls are properly implemented, validated, and documented across the enterprise, ensuring program alignment with EAR, ITAR, and other customer requirements, and supporting expansion to include NIST SP 800-171r3 and 800-172.

Requirements

  • A bachelor's degree in information technology, cybersecurity, related field, or equivalent experience.
  • Current cybersecurity certification (one or more of: CISSP, CISM, CISA, CCP, or CCA).
  • Extensive hands-on experience interpreting, implementing, and assessing CMMC, NIST SP 800-171, DoD, and ITAR cybersecurity requirements.
  • Strong analytical skills, attention to detail, and ability to provide clarity in complex, unprecedented or ambiguous environments.
  • Strong organizational, communication and interpersonal skills with the ability to guide and influence technical and non-technical teams.
  • Proficiency with compliance tracking tools, GRC platforms, and project management tools.
  • Willingness to travel domestically up to 10-20%, depending on business needs.
  • To conform to U.S. Government technology export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S.

Nice To Haves

  • Formal CCA or CCP training (if not certification) preferred.

Responsibilities

  • Lead detailed gap analyses across technical, administrative, and physical controls to identify deficiencies and required remediation at both certified entities and entities pursuing CMMC certification.
  • Translate CMMC practices into clear, actionable technical requirements for IT, Engineering, Manufacturing, Security, HR, and other impacted teams.
  • Guide and validate the implementation of required controls, ensuring alignment with CMMC and NIST SP 800-171 assessment criteria.
  • Support CUI scoping activities including asset inventory validation, boundary definition, and data flow mapping.
  • Develop and implement compliance policies, procedures, and standards for cybersecurity, and assist other functions and business units in developing their own.
  • Coordinate with IT, Legal, HR, and business units to ensure compliance requirements are understood and completed.
  • Lead the creation, refinement, and maintenance of compliance documentation including SSPs, POA&Ms, ConMon materials, policies, procedures, and evidence artifacts.
  • Establish and implement structured evidence collection and artifact management processes to ensure audit readiness.
  • Perform internal readiness assessments, mock audits, and control testing to maintain confidence in Re:Build’s compliance posture and prepare for C3PAO assessment.
  • Collaborate with assessors to support readiness and certification activities.
  • Conduct risk assessments and provide recommendations to mitigate cybersecurity and compliance risks.
  • Assess and report progress toward compliance objectives, including readiness status and control maturity.
  • Advise leadership on compliance risks, technical challenges, and factors that may impact certification timelines or sustainment.
  • Generate reports for cybersecurity leadership and contribute to executive-level updates.
  • Provide formal and ad-hoc guidance and training to employees on cybersecurity compliance matters, including CMMC-specific responsibilities.
  • Represent the security function in meetings, planning sessions, and cross-functional initiatives, including travel to sites as needed.

Benefits

  • Every employee of Re:Build will share ownership in the company and will share in the financial rewards of the success we achieve together, at all levels of the company!