Offer summary

Qualifications:

CISM, CISA, CySA+ or CISSP certification required, Knowledge of CMMC Level 2 / NIST 800-171, In-depth understanding of DoD CUI program, Knowledge of Microsoft cloud solutions.

Key responsabilities:

Lead projects for CMMC/NIST implementation

Develop and maintain compliance documentation

Job description

Position Summary:

The Senior Cybersecurity Compliance Manager is responsible for the implementation of CMMC / NIST 800-171 cybersecurity requirements for an assigned portfolio of managed services clients. This is accomplished through the development of documentation including policies, procedures and supporting material.

Key Responsibilities and Duties:

Serves as project lead for the implementation of projects for the implementation of CMMC / NIST 800-171 cybersecurity requirements.

Provide collaborative business process analysis and environment scoping guidance to clients to allow for cybersecurity requirements to be implemented both efficiently and effectively.

Develop and maintain documentation for both internal and client use including inventories, policies, procedures, scheduling documents and technical diagrams.

Works closely with and leverages the expertise of Technical Engineering, Security Operations and Compliance Teams for the buildout of compliant information systems.

Ensures that requirements, once implemented, are sustained by creating standardized procedures for ongoing execution by both the client and OSIbeyond Technical Engineering, Security Operations and Compliance teams.

Assist with client audits and assessments by compiling documentation and evidence for third party auditors

Work closely with OSIbeyond CISO and CTO to ensure technical solutions and configurations are aligned with compliance objectives and client shared responsibility matrices for the delivery of compliant managed services.

Job Qualifications:

Core Competancies

Timeliness – Meets deadlines - Completes work in a timely manner.

Reliability – Achieves commitments - Arrives to work and meetings when scheduled/expected.

Attitude – Has a positive attitude about performing their job.

Organization – Manages their own work and schedule

Accountability – Takes responsibility for actions and resolves own mistakes

Receptive – Open to feedback and willing to grow and improve

Adaptable – Flexible and open to change

Integrity – High work ethic and integrity

Follow through – Ensures work completion

Quality – Complete all work with a high level of detail and accuracy

Professionalism – Conduct oneself in an all-round professional manner

Communication – Communicate effectively

Team – Available and supportive of coworkers

Abilities

Knowledge of core Microsoft cloud solutions including Office 365 and how they are commonly used in SMB environments

In-depth understanding CMMC Level 2 / NIST 800-171 Rev 2 requirements and their associated DFARS clauses

Able to evaluate proposed assessment objective responses and supporting evidence for viability during a CMMC assessment

Understanding of the DOD CUI program, including expectations for both DOD and contractors regarding compliant labeling, handling, storage and destruction of CUI data.

Provide accurate analysis and environment scoping guidance to clients to ensure proposed solutions are aligned with compliance controls in the most efficient manner

Remediate POA&M deficiencies by developing necessary policies, processes, and procedures

Assist with client audits and assessments by providing timely, accurate documentation and evidence to third party auditors.

Security Responsibilities

Complete training for and maintain awareness of cybersecurity risks including insider threat, and appropriate handling of CUI and other regulated data.

Treat client data and OSIbeyond data as sensitive, and do not disclose, release or otherwise transfer it outside of OSIbeyond or client environments without written permission.