Security Compliance Consultant (NIST/CMMC)

Own The Role:
SP6 is looking for a Compliance SME wanting to take the next step in their career! In this role, you will help to spearhead a one of a kind CMMC platform to automate evidence collection.    
   
Joining our Compliance team, you will see your impact across the company as you take ownership over customer projects and advising our platform team on the different compliance rules.    
   
From there, you will be supporting Defense Industrial Base (DiB) companies to ensure they are CMMC and/or NIST 800-171 compliant. You will accomplish this through providing pre-audit readiness and GAP assessments, post assessment plans of action and milestones (POAM), and Compliance as a Service (CaaS).   

How You’ll Drive Success:

• Leading cybersecurity readiness assessments including maturity assessments using the Cybersecurity Maturity Model Certification (CMMC) model.   
• Supporting the day-to-day activities of engagements for external clients, as a contributing member if SP6’s customer-facing Cyber Risk & Compliance practice. In this role, you will assist external customers in their FedRAMP, DFARS, CMMC, and NIST 800-171 compliance initiatives.  
• Understanding of control standards NIST 800-171, CMMC, and control testing strategies.   
• Applying cyber compliance / risk management knowledge, control principles and technical knowledge across cyber risk and compliance engagements.   
• Develop and deliver training to internal teams and customers.   
• Consulting with end clients to gather requirements and understand our clients' key business and security challenges. Working with team members to advise on practical and cost-effective solutions to help mitigate our clients’ cybersecurity risks and challenges. 
• In depth knowledge of relevant security regulatory compliance requirements and translating those into business processes and security controls to enhance and support client’s compliance and audit capabilities.   
• Articulating and defending IT controls testing approach and performing test of design and operating effectiveness.
• Establishing and maintaining effective working relationships with colleagues, existing clients, and prospective client organizations.  
• Supporting the platform team and advising them on SP6’S CMMC software on what rules get built into the software.  

To Be Successful:

• 3 years of experience testing and documenting IT security controls including experience managing and facilitating client control testing efforts
• 1 years of experience leading external and internal auditors, e.g., CMMC
• 2 years of experience creating technical documentation and compliance reports
• 1 years of experience building security programs in alignment with NIST, CSF, NIST 800-53 and/or NIST 800-171
• 1 years of experience with Cloud Security
• CMMC Certified Assessor (CCA) or Certified Professional (CCP)
• CISSP, CISM, CISA, CRISC or other related certification
• Self-driven, with a strong desire to succeed
• Ability to engage with customers/executives and foster positive relationships
• Exceptional communicator and ability to relay complex technical concepts to non-technical audience

Why SP6?

• Recognized as one of North America’s top professional service partners.
• The chance to be part of a winning team and a premier Splunk partner.
• Competitive salary and OTE.
• 100% employer-paid health insurance (Gold-rated plan).
• 401(k) with company match.
• 30 days of annual paid time off (4 weeks Paid Time Off + Holidays)
• Significant Training and Development and Certification attainment.
• Opportunity for long-term career advancement.
• Your contributions are felt and recognized by our growing company.
• Grown over 100% in the last 2 years.

About SP6:
SP6 is a niche technology firm advising organizations on how to best leverage the combination of big data analytics and automation across distinct (3) practice areas:
 

• Cybersecurity Operations and Cyber Risk Management (including automated security compliance and security maturity assessments).
• Fraud detection and prevention
• IT and DevOps Observability and Site Reliability

Each of these distinct domains is supported by SP6 team members with subject matter expertise in their respective disciplines.

SP6 provides Professional Services as well as ongoing Co-Managed Services in each of these solution areas.  We also assist organizations in their evaluation and acquisition of appropriate technology tools and solutions.  SP6 operates across North America and Europe.


#LI-REMOTE