Cybersecurity Consultant - CMMC Certified Assessor (CCA) -Remote

Position Description: Gray Analytics is seeking a motivated and dedicated Senior Cybersecurity Consultant that is a recognized CMMC Certified Assessor (CCA) by the CyberAB to assess, advise, and support commercial clients. Other duties may include: • Conduct comprehensive assessments of Defense Industrial Base (DIB) organizational networks and systems to identify any vulnerabilities and to confirm they meet the necessary CMMC level requirements. • Work with organizations to design and implement security measures and controls, in line with CMMC standards, to protect sensitive data and systems from infiltration and cyber-attacks. • Coordinate with various teams within an organization to develop and implement the action plans necessary to achieve CMMC compliance. • Assist organizations with the review and update of existing security policies and procedures to align with evolving CMMC requirements and best practices in cybersecurity. • Prepare detailed reports on the status of an organization's CMMC compliance. • Keep abreast of the latest cybersecurity threats and trends, as well as updates to the CMMC framework. • Achieve utilization targets, complete projects on time and budget, and meet quality standards. • Study, learn, test, document, execute and seek to continuously improve scalable consulting services processes to effectively deliver customer engagements while achieving a high level of customer satisfaction. • Execute project planning, scheduling, and other coordination of internal and customer resources to conduct interviews, meetings, and presentations. • Prepare and deliver thoughtful, insightful, and professional presentations to customers and internal Gray Analytics stakeholders. • Create, review and edit findings, observations, and recommendations reports. • Become knowledgeable of Gray Analytics service offerings, sales process, marketing materials, contract and SOW structure, methodologies, delivery standards, work tools, and processes. • Pursue additional education and stay current on best practices, technical skills, and tools related to the position's duties. • This position has significant interaction with internal and external stakeholders, including colleagues, customers, partners, subcontractors, and potential investors. This position requires a strong customer service orientation and the ability to: • Work independently on a variety of projects simultaneously, • Exercise good judgment and initiative to manage priorities, • Quickly develop trusting relationships with a variety of Defense Industrial Base compliance and information system professionals, • Pose questions and listen to customer responses effectively to draw out essential facts, data, business process descriptions, sensitivities, and perspectives, and • Demonstrate strong organizational abilities, effective writing skills, and communications skills. • Develop presentations with clear messages, and effective slides, and deliver these presentations to senior executives • Lead teams of internal and external stakeholders to drive security projects forward • Identify and manage client engagement risks and issues Budgeted salary for this role is estimated to be between $130,000-$200,000 per year. Required Qualifications: Must be a CMMC Certified Assessor - CCA • Strong understanding and experience with Cybersecurity Risk Management principles with an emphasis on Framework Adoptions. • Specific expertise in at least one of the below frameworks required: • NIST Cybersecurity Framework (NIST CSF) • NIST Risk Management Framework (NIST RMF) • DoD Cybersecurity Policies including DFARS 7012, NIST 800-171 and CMMC • HIPAA Security Rule / HITRUST • ISO 27001 o System and Organizational Controls (SOC) • Center for Internet Security (CIS) • Ability and experience conducting Risk Assessments to include NIST 800-30 and/or CIS RAM methodologies. • In-depth understanding of cyber security policy, tools, threat mitigation techniques, network topologies, and secure network design. • Ability to identify project requirements, develop project costs/schedules, coordinate technical activities, and implement risk mitigation activities. • Experience leading or conducting cyber assessments. • Experience in designing and reviewing system architecture designs. • Excellent technical writing and verbal communication skills. • Ability to present findings and recommendations to an executive team or board. Preferred Qualifications: • CMMC Provisional Assessor (PA) / Certified Assessor (CCA) / Certified Professional (CCP) • Certified Information Systems Security Professional (CISSP) • Certified Information Systems Auditor (CISA) • Certified Information Security Manager (CISM) • Certified Information Privacy Professional (CIPP) • Certified Ethical Hacker (CEH) or equivalent • Certified Incident Handler (ECIH) or equivalent • COMPTIA Security+, GIAC Security Essentials (GSEC), or equivalent Security Requirements: An Active Secret Clearance is required at the time o Apply Now Apply Now