CMMC Consultant CCP REDSPIN

ABOUT US

Redspin a division of Clearwater is a leading provider of cybersecuritycompliance consulting and managed services for the Defense Industrial Base (DIB). Our solutions enable organizations to avoid preventable breaches protect Department of Defense contractors and their data meet regulatory requirements and optimize cybersecurity investments.

Redspin is a recognized leader in the CMMC space. We were the first Authorized CMMC ThirdParty Assessor Organization (C3PAO) and the first to conduct a passing Joint Surveillance Voluntary Assessment Program (JSVAP) assessment. We are a trusted partner for the Fortune 500 and small to midsize businesses.

POSITION SUMMARY

We are seeking a highly qualified and experienced Cybersecurity Maturity Model Certification (CMMC) Certified Professional to join our team. This position is responsible for ensuring organizations meet the stringent cybersecurity standards set by the United States Department of Defense (DoD). The ideal candidate will have a thorough understanding of the CMMC framework and will utilize this knowledge to facilitate comprehensive cybersecurity solutions for our company.

Applicant must meet the requirements of Department of Defense (DoD) Manual 8140.03: Applicable 612 Certifications (At minimum must posses 1 Intermediate Certification).

The Consultant will dedicate 80 of their time to client billable work which equates to 1664 hours over the course of a calendar year.

SPECIFIC JOB RESPONSIBILITIES

• Conduct comprehensive assessments of Defense Industrial Base (DIB) organizational networks and systems to identify any vulnerabilities and to confirm they meet the necessary CMMC level requirements.
• Work with organizations to design and implement security measures and controls in line with CMMC standards to protect sensitive data and systems from infiltration and cyberattacks.
• Coordinate with various teams within an organization to develop and implement the action plans necessary to achieve CMMC compliance.
• Clearly articulate the CMMC program to an organizations employees at all levels to ensure understanding and adherence to cybersecurity best practices.
• Assist organizations with the review and update of existing security policies and procedures to align with evolving CMMC requirements and best practices in cybersecurity.
• Prepare detailed reports on the status of an organizations CMMC compliance.
• Keep abreast of the latest cybersecurity threats and trends as well as updates to the CMMC framework.
• Achieve utilization targets complete projects on time and budget and meet quality standards.
• Study learn test document execute and seek to continuously improve scalable consulting services processes to effectively deliver customer engagements while achieving a high level of customer satisfaction.
• Execute project planning scheduling and other coordination of internal and customer resources to conduct interviews meetings and presentations.
• Prepare and deliver thoughtful insightful and professional presentations to customers and internal Redspin stakeholders.
• Create review and edit findings observations and recommendations reports.
• Become knowledgeable of Redspins solution and service offerings sales process marketing materials contract and statement of work (SOW) structure methodologies delivery standards work tools and processes.
• Pursue additional education and stay current on best practices technical skills and tools related to the positions duties.
• This position has significant interaction with internal and external stakeholders including colleagues customers partners subcontractors and potential investors. This position requires a strong customer service orientation and the ability to:
• Work independently on a variety of consulting projects simultaneously
• Exercise good judgment and initiative to manage priorities
• Quickly develop trusting relationships with a variety of Defense Industrial Base compliance and information system professionals.
• Pose questions and listen to customer responses effectively to draw out essential facts data business process descriptions sensitivities and perspectives.
• Demonstrate strong organizational abilities effective writing skills and communications skills.
• Develop presentations with clear messages and effective slides and deliver these presentations to senior executives
• Lead teams of internal and external stakeholders to drive security projects forward
• Identify and manage client engagement risks and issues

Requirements

In addition to technical cybersecurity experience and skills the qualified candidate must have demonstrated through experience they possess the soft skills required to drive engagement with customers. The candidate must have experience successfully managing projects meeting deadlines and achieving high levels of quality based on standards.

QUALIFICATIONS SKILLS & KNOWLEDGE

• Bachelors degree in information technology Computer Science or 4 years of equivalent experience in IT security risk management or compliance.
• Current certification as a Certified CMMC Professional (CCP) is preferred or the ability to achieve CCP credential under the CMMC version 2.0 framework is required.
• The ability to achieve a Certified CMMC Assessor (CCA) credential under the CMMC version 2.0 framework is required.
• Indepth knowledge of the CMMC framework NIST SP 800171 and DFARS .
• Excellent problemsolving skills and the ability to function effectively under pressure.
• Superior communication skills with the ability to explain complex security concepts to nontechnical staff.
• Ability to lead projects and drive them to completion.
• Advanced knowledge of various cybersecurity technologies and solutions.
• Selfstarters who can work independently seek out and leverage internal resources when needed proactively take ownership of their work and career and drive engagements to provide the value our customers expect
• Relevant experience and prior success leading and delivering consulting engagements
• Relevant technical training project management training and certifications such as CISSP
• Excellent analytic and problemsolving skills especially in the information systems security and privacy space
• Highly effective verbal communications and presentation skills in a customer setting
• Excellent technical written communication skills in particular regarding information system security and privacy subject matter policies and procedures
• Ability to learn new subject matter and context quickly and to maintain market and subject matter awareness
• Ability to understand SOWs customer proposals project notes deliverables and final reports; assimilate previous experience relevant subject matter data facts and results; and develop relevant questions of colleagues to hasten understanding scenarios methodologies processes and lessons learned.
• Demonstrated ability to work effectively with internal and external stakeholders including colleagues customers partners subcontractors and potential investors.

JOB BENEFITS

• Health dental and vision insurance with an employer contribution
• Flexible paid time off
• A generous 401(k) plan
• Certification reimbursement
• Learning and Development programs
• Social and Cultural Initiatives

Clearwater is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran marital or citizenship status; or any other status protected by law.

If you require a reasonable accommodation to complete an application interview or otherwise participate in the recruiting process please direct your inquiries to a recruiter @or

This employer participates in EVerify and will provide the federal government with your Form I9 information to confirm that you are authorized to work in the U.S.

If EVerify cannot confirm that you are authorized to work this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you including terminating your employment.

Employers can only use EVerify once you have accepted a job offer and completed the form I9.

For more information on EVerify or if you believe that your employer has violated its EVerify responsibilities please contact DHS.