Company Overview:
TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, NIST SP 800-171 / CMMC Consulting/Assessment/Compliance, Zero Trust, Resiliency, Computer Forensics, Software Supply Chain Assurance, Software Testing, Test Automation, Section 508 and WCAG Accessibility Assessment and Remediation, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer.
We are seeking an experienced CMMC (Cybersecurity Maturity Model Certification) Consultant to provide guidance and support to our team in achieving compliance with the latest CMMC 2.0 requirements. The consultant will work with our clients to help them navigate CMMC levels 1-3 and ensure continuous compliance with DoD cybersecurity regulations. This is a part-time, flexible position ideal for a subject matter expert with CMMC implementation experience.
Key Responsibilities:
- Assess Organizational Readiness: Evaluate current cybersecurity practices and gaps in relation to the three CMMC 2.0 levels (Foundational, Advanced, Expert).
- CMMC Certification Guidance: Provide expert advice on the steps required to achieve and maintain certifications for Levels 1, 2, 3 and 4. This includes guidance on self-assessments, third-party certifications, and government-led assessments.
- Compliance Strategy: Develop a comprehensive roadmap for achieving CMMC compliance, including identifying necessary controls and policies, implementing NIST SP 800-171/800-172 requirements, and addressing Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) security.
- Subcontractor Oversight: Assist prime contractors in ensuring that subcontractors meet CMMC certification requirements, implementing a robust supply chain compliance management system.
- Incident Reporting & Continuous Compliance: Provide guidance on establishing continuous monitoring and compliance processes, including the rapid reporting of security incidents (72-hour notification) and annual affirmations of compliance.
- Training & Awareness: Conduct training sessions for internal teams and contractors to understand the CMMC requirements and how to implement appropriate cybersecurity controls.
Qualifications:
Experience:
- Over 5 years of experience in cybersecurity consulting, specializing in DoD contracts, compliance frameworks (e.g., NIST SP 800-171), and CMMC implementation
- Certified CMMC Professional (CCP)
- Certified CMMC Assessor (CCA)
- Certified DOD CMMC assessor https://cyberab.org/CMMC-Ecosystem/Ecosystem-Roles/Assessing-and-Certification
- Expertise in setting up an authorized CMMC Third Party Assessment Organization (C3PAO)
- Proficient with new CMMC 2.0 requirements and knowledgeable about the Department of Defense's recently released final rule for the Cybersecurity Maturity Model Certification (CMMC) Program.
- Experience working with the Defense Industrial Base (DIB) and handling Controlled Unclassified Information (CUI).
- Prior experience developing Plans of Action and Milestones (POA&M) for cybersecurity compliance.
- Familiarity with the latest DFARS Clause 252.204-7021 requirements and the implications of the August 2024 CMMC 2.0 updates.
Technical Skills:
- Strong understanding of federal cybersecurity regulations such as DFARS and FISMA.
- Proficient in tools like eMASS and ACAS, with extensive knowledge of cybersecurity standards (NIST 800-171, NIST 800-172).
Communication:
- Excellent written and verbal communication skills, with the ability to translate complex compliance details into clear, actionable guidance for non-technical audiences.
Clearance:
- Active or recently active DoD security clearance (preferred but not required).
Compensation:
- Competitive hourly rate, based on experience.
- Flexible schedule with the possibility of extended contract work.
Benefits
TestPros offers a competitive salary, medical/dental/vision insurance, life insurance, paid time off, paid holidays, 401(k) retirement plan with company match, opportunities for professional growth, cell phone discounts, and much more! All benefits are per TestPros current policies and are subject to change without notice. Benefits are available to full-time employees.
TestPros, Inc. is an Equal Opportunity Employer.
EEO Statement
All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, marital status, age, national origin, or protected veteran status.