Sr. Manager Cyber Security (CMMC Compliance)
About The Position
ARA is a leading C5ISR company that designs, manufactures, tests and installs innovative technologies that provide the national security community with unparalleled situational awareness, threat detection, and communications capabilities. Our disruptive, integrated solutions, assemblies and subsystems rise to the challenging demands of discerning, mission-critical customers. We leverage our capabilities to meet and exceed the requirements of our customers and empower them to remain ahead of evolving threats and complexities in a dynamic security landscape. The Senior Manager, Cybersecurity (CMMC Compliance) will lead cybersecurity governance, regulatory compliance, and information security initiatives across the enterprise. This role will be responsible for maintaining and advancing the organization's CMMC compliance program while ensuring adherence to NIST 800-171, DFARS requirements, CUI protection standards, and other applicable cybersecurity regulations.
Requirements
- 8+ years of cybersecurity, information assurance, or compliance experience, preferably within a defense or regulated environment.
- Hands-on experience supporting or leading CMMC Level 2 implementation, assessment, and sustainment activities.
- Strong knowledge of NIST SP 800-171, DFARS requirements, CUI protection, and ITAR-controlled environments.
- Experience developing SSPs, managing POA&Ms, conducting risk assessments, and supporting cybersecurity audits.
- Bachelor's degree in Computer Science, Information Systems, Business Technology, or related field required.
Nice To Haves
- Advanced degree preferred.
- Relevant certifications such as CISSP, CISM, CISA, Security+, or similar credentials preferred.
Responsibilities
- Lead and maintain the organization's CMMC Level 2 compliance program, including audit readiness, evidence management, and continuous monitoring activities.
- Oversee compliance with NIST SP 800-171, DFARS cybersecurity requirements, CUI handling standards, and ITAR regulations.
- Develop, maintain, and manage System Security Plans (SSPs), POA&Ms, risk assessments, policies, and security documentation.
- Coordinate internal assessments, customer audits, and C3PAO evaluations while driving remediation efforts.
- Partner with IT, engineering, contracts, and operations teams to implement and sustain cybersecurity controls.
- Monitor cybersecurity risks, vulnerabilities, and compliance gaps, recommending corrective actions and continuous improvements.
- Support incident response, security investigations, and regulatory reporting requirements.
- Manage cybersecurity vendors, tools, and third-party security service providers.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
