CMMC Consultant Job at SecureStrux LLC

SecureStrux LLC Remote

About SecureStrux

We are a team of innovation-driven experts and passionate problem-solvers inspired to learn, grow, and make a difference. Our core values are threaded throughout our environment to empower us to solve our clients’ toughest cybersecurity challenges and make the world a safer place.

If you’re looking to elevate your career, help shape an industry, and be part of a company that believes in the individual, welcome to SecureStrux.

SecureStrux is on a mission to make the world safer by solving our clients’ cybersecurity challenges by assessing, securing, and defending their environments. Our experts are on the cutting edge of the ever-changing threats and newest technology to secure and defend against the increasing challenges of the cybersecurity landscape. We have headquarters in Lancaster, PA, and offices in D.C., and we have top analysts around the country ready to work for our clients.

We are innovative leaders, consultants, and cybersecurity experts; beyond this, we are a team of passionate problem-solvers who thrive with leaders that support continual learning, personal growth, and desire to make a difference.

Thanks to our dedicated teams, we’re growing fast.

We’re looking for a CMMC Consultant for our team.

Position Summary

Provide technical, management, and operational cybersecurity management services to clients in support of meeting Cybersecurity Maturity Model Certification (CMMC), CUI, DFARS, and NIST requirements. Work with clients to conduct CUI / CMMC gap analyses, develop cybersecurity policies, and provide remediation solutions. Maintain oversight of policy/governance framework (compliance, gaps, risk review, and mitigation) as well as identification and documentation of policy exceptions and risk acceptance items. Must be able to work independently, deliver high-quality work within deadlines, and communicate directly with our clients.

The Work You'll Do

· Perform gap analysis against NIST SP 800-171A and CMMC requirements

· Define the assessment scope for CMMC Level 2 assessment requirements.

· Align the Shared Responsibility Matrix (SRM) to the client’s external service providers in support of CMMC assessment requirements.

· Assess security controls and develop risk-based recommendations for technical and non-technical findings

· Write in-depth information security policies and procedures for compliance requirements (e.g., NIST 800-171A, DFARS, CUI, CMMC, ISO 27001/2)

· Establish a plan of action for the remediation of organization-wide weaknesses

· Conduct security assessments and develop strategic plans to address gaps and identified vulnerabilities in order to recommend risk mitigation.

· Manage client projects without supervision or oversight including client phone calls, virtual meetings (MS Teams, Zoom), and in-person meetings, as required.

· Implement cyber security action plans or remediation activity as required for information systems hosted on-premises or in the cloud.

· Monitor compliance with the security controls for CMMC, CUI, FedRAMP, and DoD Impact Levels.

· Assist business development in the sales process for CMMC/CUI opportunities

· Perform other duties as assigned.

· Provide support as technical SME for calls and proposals for both Federal (public) and Commercial (private) sectors.

· Participate in the recruiting process as needed.

· Attend and speak at industry events.

What You'll Bring

· Industry certification preferred (e.g., CompTIA Security+, CISSP, CISA)

· Certified CMMC Professional (CCP) is a plus

· Minimum 3-5 years of working experience in a cybersecurity role.

· In-depth understanding of cybersecurity concepts and principles from a technical, non-technical, and organizational perspective.

· Preferably, hands-on experience working in a CMMC or DFARS consulting role.

· Experienced with conducting cybersecurity risk assessments and gap analyses.

· Experienced with assessing technical, operational, and administrative/management security controls.

· Full life cycle cybersecurity project support (start to finish).

· Ability to write complete cybersecurity policies and procedures based on CMMC and NIST SP 800-171A standards.

· Development of System Security Plans (SSPs) and Plans of Action & Milestones (POA&Ms).

· Minimum 1 year of project management experience.

Bonus Points

· Knowledge of technical mechanisms to implement controls, such as operating system platforms, multi-factor authentication, SIEM, logging, access control, network security concepts, and physical security.

· Strong interpersonal skills and business acumen

· Develop and grow lasting relationships with clients and other cybersecurity professionals

· Deliver clear, actionable, and measurable reports

· Strong writing and communications skills

· Develop and apply complex concepts using strong analytical skills

· Deliver high-quality work within a reasonable turnaround time.

· Demonstrated problem-solving skills.

· Experienced applicants with a documented history of technical writing, knowledge management, and governance, risk, and compliance will be considered.

· Cloud security certifications will be a plus.

· US Veteran/ US Government Service (GS) experience

· Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

· Secret security clearance or ability to obtain

What We Offer

Connection, freedom, and growth are a few things you will encounter at SecureStrux. We prioritize a flexible and supportive culture of ownership, the freedom to innovate, and professional growth.

You will enjoy remarkable team synergy that extends across our entire company. Be part of a supportive, collaborative team that drives accountability. We embolden employees with the freedom to be thought leaders and inspire innovators.

We support our employees in advancing their career goals. Our management and leadership teams are available to help you by providing opportunities for growth, guidance, and career support. With LabStrux, our virtual environment, you can evaluate new technologies, test out new solutions and service offerings, and enhance your skills and proficiency.

SecureStrux offers competitive benefits and perks to support you and your family, like flexible time off, a generous Professional Development benefit, 401K/Roth, and comprehensive insurance options.

Visit our website for more information https://securestrux.com/

SecureStrux LLC is an equal opportunity employer. All aspects of employment, including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We celebrate diversity and do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity, or expression, veteran status, or any other status protected under federal, state, or local law.

Transparency is integral to the way we do business. Our salaries are based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. This job post is open to work anywhere within the continental United States (except CO & NY) and is remote with travel.

Job Type: Full-time

Schedule:

  • 8 hour shift

Application Question(s):

  • List all relevant certifications (e.g., CompTIA Security+, CISSP, CISA, CCP)
  • Do you have knowledge of technical mechanisms to implement controls, such as operating system platforms, multi-factor authentication, SIEM, logging, access control, network security concepts, and physical security?
  • How many years of experience do you have writing complete cybersecurity policies and procedures based on CMMC and NIST SP 800-171A standards?

Experience:

  • hands-on working in a CMMC or DFARS consulting role: 2 years (Required)
  • conducting cybersecurity risk assessments and gap analyses: 3 years (Required)
  • cybersecurity role: 3 years (Required)

Security clearance:

  • Secret (Preferred)

Work Location: Remote



