ABOUT CASK
At Cask, we foster a culture of innovation, collaboration, and continuous learning. We value integrity, excellence, and a commitment to cybersecurity best practices. Our team is dedicated to staying at the forefront of cybersecurity while maintaining a supportive and inclusive work environment.
POSITION SUMMARY
We are seeking a highly qualified and experienced Cybersecurity Maturity Model Certification (CMMC) Certified Assessor to join our team. This position is responsible for ensuring our organization meets the stringent cybersecurity standards set by the Department of Defense (DoD) in the United States. The ideal candidate will have a thorough understanding of the CMMC framework and will utilize this knowledge to facilitate comprehensive cybersecurity solutions for our company.
SPECIFIC JOB RESPONSIBILITIES
• Conduct comprehensive assessments of Defense Industrial Base (DIB) organizational networks and systems to identify any vulnerabilities and to confirm they meet the necessary CMMC level requirements.
• Work with organizations to design and implement security measures and controls, in line with CMMC standards, to protect sensitive data and systems from infiltration and cyber-attacks.
• Coordinate with various teams within an organization to develop and implement the action plans necessary to achieve CMMC compliance.
• Assist organizations with the review and update of existing security policies and procedures to align with evolving CMMC requirements and best practices in cybersecurity.
• Prepare detailed reports on the status of an organization’s CMMC compliance.
• Keep abreast of the latest cybersecurity threats and trends, as well as updates to the CMMC framework.
• Achieve utilization targets, complete projects on time and budget, and meet quality standards.
• Study, learn, test, document, execute and seek to continuously improve scalable consulting services processes to effectively deliver customer engagements while achieving a high level of customer satisfaction.
• Execute project planning, scheduling, and other coordination of internal and customer resources to conduct interviews, meetings, and presentations.
• Prepare and deliver thoughtful, insightful, and professional presentations to customers and internal Cask stakeholders.
• Create, review and edit findings, observations, and recommendations reports.
• Become knowledgeable of Cask’s service offerings, sales process, marketing materials, contract and SOW structure, methodologies, delivery standards, work tools, and processes.
• Pursue additional education and stay current on best practices, technical skills, and tools related to the position’s duties.
• This position has significant interaction with internal and external stakeholders, including colleagues, customers, partners, subcontractors, and potential investors. This position requires a strong customer service orientation and the ability to:
o Work independently on a variety of projects simultaneously,
o Exercise good judgment and initiative to manage priorities,
o Quickly develop trusting relationships with a variety of Defense Industrial Base compliance and information system professionals,
o Pose questions and listen to customer responses effectively to draw out essential facts, data, business process descriptions, sensitivities, and perspectives, and
o Demonstrate strong organizational abilities, effective writing skills, and communications skills.
o Develop presentations with clear messages, and effective slides, and deliver these presentations to senior executives
o Lead teams of internal and external stakeholders to drive security projects forward
o Identify and manage client engagement risks and issues
REMOTE WORK OPTIONS
While this position requires some on-site presence and travel for certain assessments and meetings, we offer flexible remote work options for a significant portion of the job duties.
REQUIREMENTS
In addition to technical cybersecurity experience and skills, the qualified candidate must have demonstrated through experience that she/he has the soft skills required to drive engagement with customers. She/he must have experience successfully managing projects, meeting deadlines, and achieving high levels of quality based on standards. Applicants must meet the requirements of Department of Defense (DoD) Manual 8140.03: Applicable 612 Certifications (At minimum, must possess 1 Intermediate Certification).
QUALIFICATIONS, SKILLS, & KNOWLEDGE
• Bachelor’s degree in information technology, Computer Science, or 4+ years of equivalent experience in IT security, risk management, or compliance.
• Current certification as a Certified CMMC Professional (CCA) is preferred, or the ability to achieve CCA credential under the CMMC version 2.0 framework is required.
• Proven experience in a role focused on IT security, risk management, or compliance.
• In-depth knowledge of the CMMC framework, NIST SP 800-171, DFARS 252.204-7012 and associated Department of Defense (DoD) regulations.
• Excellent problem-solving skills and the ability to function effectively under pressure.
• Superior communication skills with the ability to explain complex security concepts to non-technical staff.
• Ability to lead projects and drive them to completion.
• Advanced knowledge of various cybersecurity technologies and solutions.
• Drive to constantly improve what and how we deliver value to our customers
• Self-starters who can work independently, seek out and leverage internal resources when needed, proactively take ownership of their work and career, and drive engagements to provide the value our customers expect
• Relevant experience and prior success leading and delivering consulting engagements
• Relevant technical training, project management training, and certifications such as CISSP
• Excellent analytic and problem-solving skills, especially in the information systems, security, and privacy space
• Highly effective verbal communications and presentation skills in a customer setting
• Excellent technical written communication skills, in particular, regarding information system, security and privacy subject matter, policies and procedures
• Experience with creating and executing repeatable work processes and procedures
• Experience with providing technical/product support services within a sales process
• Ability to learn new subject matter and context quickly and to maintain market and subject matter awareness
• Ability to understand SOWs, customer proposals, project notes, deliverables, and final reports; assimilate previous experience, relevant subject matter, data, facts, and results; and develop relevant questions of colleagues to hasten understanding scenarios, methodologies, processes, and “lessons learned.”
• Demonstrated ability to work effectively with internal and external stakeholders, including colleagues, customers, partners, subcontractors, and potential investors.
Cask is an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, among other things, or status as a qualified individual with a disability.
EEO/Employer/Vet/Disabled