Cybersecurity Consultant - CMMC Certified Assessor (CCA) - Remote
Position Description: Gray Analytics is seeking a motivated and dedicated Senior Cybersecurity Consultant who is recognized by the CyberAB as a CMMC Certified Assessor (CCA) to assess, advise, and support commercial clients. Other duties may include:
- Conduct comprehensive assessments of Defense Industrial Base (DIB) organizational networks and systems to identify any vulnerabilities and to confirm they meet the necessary CMMC level requirements.
- Work with organizations to design and implement security measures and controls, in line with CMMC standards, to protect sensitive data and systems from infiltration and cyber-attacks.
- Coordinate with various teams within an organization to develop and implement the action plans necessary to achieve CMMC compliance.
- Assist organizations with the review and update of existing security policies and procedures to align with evolving CMMC requirements and best practices in cybersecurity.
- Prepare detailed reports on the status of an organization's CMMC compliance.
- Keep abreast of the latest cybersecurity threats and trends, as well as updates to the CMMC framework.
- Achieve utilization targets, complete projects on time and budget, and meet quality standards.
- Study, learn, test, document, execute and seek to continuously improve scalable consulting services processes to effectively deliver customer engagements while achieving a high level of customer satisfaction.
- Execute project planning, scheduling, and other coordination of internal and customer resources to conduct interviews, meetings, and presentations.
- Prepare and deliver thoughtful, insightful, and professional presentations to customers and internal Gray Analytics stakeholders.
- Create, review and edit findings, observations, and recommendations reports.
- Become knowledgeable of Gray Analytics service offerings, sales process, marketing materials, contract and SOW structure, methodologies, delivery standards, work tools, and processes.
- Pursue additional education and stay current on best practices, technical skills, and tools related to the position's duties.
This position has significant interaction with internal and external stakeholders, including colleagues, customers, partners, subcontractors, and potential investors. This position requires a strong customer service orientation and the ability to:
- Work independently on a variety of projects simultaneously,
- Exercise good judgment and initiative to manage priorities,
- Quickly develop trusting relationships with a variety of Defense Industrial Base compliance and information system professionals,
- Pose questions and listen to customer responses effectively to draw out essential facts, data, business process descriptions, sensitivities, and perspectives, and
- Demonstrate strong organizational abilities, effective writing skills, and communications skills.
- Develop presentations with clear messages and effective slides, and deliver these presentations to senior executives
- Lead teams of internal and external stakeholders to drive security projects forward
- Identify and manage client engagement risks and issues
Budgeted salary for this role is estimated to be between $130,000-$200,000 per year.
Required Qualifications:
- Must be a CMMC Certified Assessor - CCA
- Strong understanding and experience with Cybersecurity Risk Management principles with an emphasis on Framework Adoptions.
- Specific expertise in at least one of the below frameworks required:
- NIST Cybersecurity Framework (NIST CSF)
- NIST Risk Management Framework (NIST RMF)
- DoD Cybersecurity Policies including DFARS 7012, NIST 800-171 and CMMC
- HIPAA Security Rule / HITRUST
- ISO 27001
- System and Organizational Controls (SOC)
- Center for Internet Security (CIS)
- Ability and experience conducting Risk Assessments to include NIST 800-30 and/or CIS RAM methodologies.
- In-depth understanding of cyber security policy, tools, threat mitigation techniques, network topologies, and secure network design.
- Ability to identify project requirements, develop project costs/schedules, coordinate technical activities, and implement risk mitigation activities.
- Experience leading or conducting cyber assessments.
- Experience in designing and reviewing system architecture designs.
- Excellent technical writing and verbal communication skills.
- Ability to present findings and recommendations to an executive team or board.
Preferred Qualifications:
- CMMC Provisional Assessor (PA) / Certified Assessor (CCA) / Certified Professional (CCP)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Privacy Professional (CIPP)
- Certified Ethical Hacker (CEH) or equivalent
- Certified Incident Handler (ECIH) or equivalent
- CompTIA Security+, GIAC Security Essentials (GSEC), or equivalent
Security Requirements: An Active Secret Clearance is required at the time o