[Hiring] Compliance Consultant @C3 Integrated Solutions

Role Description

The Compliance Consultant plays a lead role in the development and management of a Governance, Risk, and Compliance (GRC) program within client organizations. This role works collaboratively with client stakeholders including business leaders and internal IT, as well as C3’s professional services and managed services teams and third-party service providers.

To assist the client in achieving and maintaining compliance, the Compliance Consultant will:

• Document the flow of sensitive and controlled data types through existing business processes
• Determine a system scope (technology, people, business processes) for compliance
• Collaborate with customers, technical, and functional teams to define, document, and deliver security documentation and artifacts
• Assess the current implementation of applicable technical and non-technical requirements (e.g., CMMC, DFARS, FAR, export controls)
• Develop and manage System Security Plan(s), policies, and procedures
• Manage customer expectations, internal and external resources, and relevant third parties to ensure engagements are successful
• Develop and maintain subject matter expertise in the laws, regulations, and government-wide policies that govern cybersecurity data protection for the U.S. Defense Industrial Base, including:
  • DFARS (NIST SP 800-171, FedRAMP equivalency)
  • CMMC (Levels 1 & 2, boundary scoping)
  • CUI Program (NARA CUI Registry, CUI/CDI/CTI, FCI)
  • Export controls (ITAR/EAR)
• Provide ongoing advisory to clients on issues related to security and compliance
• Assist team members with client needs as needed

Qualifications

• Strong communicator interested in a fast-paced career in security consulting and professional services
• Confident, positive, and empathetic with a passion for details
• Hands-on experience managing compliance programs
• Proven history of delivering excellent work
• Background in IT/IS, compliance and risk management, or management consulting is desirable
• In-depth experience with one or more security frameworks (e.g., CMMC, NIST, CIS, MITRE ATT&CK)
• Hands-on experience implementing NIST SP 800-171 or SP 800-53 is required
• 7 or more years of experience implementing cybersecurity requirements for Department of Defense contractors (DFARS 252.204-7012, NIST SP 800-171) or federal information systems (RMF, NIST SP 800-53)
• Very strong written and verbal communication skills
• High emotional intelligence and interpersonal skills
• Strong organizational and time management skills
• Ability to remain calm under pressure and be adaptable
• Ability to cross-train into other specialties
• Understanding of the cybersecurity product/vendor landscape and current security best practices
• Subject matter expertise in CMMC assessment and certification requirements
• Awareness of U.S. export control requirements under ITAR and EAR
• Occasional (<10%) travel to various work sites throughout the U.S. may be required
• US Citizens only
• Veteran preferred

Requirements

• Professional certifications such as the Cyber AB’s CCP or CCA, or other industry credentials such as CISSP, CISM, CISA, or similar
• Experience leveraging Microsoft cloud services (Azure, Office 365) to meet compliance requirements
• Experience consulting with multiple clients at the same time
• Bachelor’s degree or higher in technology, engineering, or related field
• Ability to obtain U.S. government security clearance

Benefits

• To be a part of one of the fastest-growing companies in America, and a talented team to back you up
• An awesome culture, backed up by winning several Best Places to Work awards
• Remote work opportunities
• Medical, Dental, Vision Insurance
• Four Weeks of Paid Time Off (vacation & sick leave)
• Four weeks of Paid Maternity and Paternity leave
• Two days of Paid Volunteer Time
• 401(k) with 4% Company Match
• Company Bonus Structure
• Tuition Reimbursement
• Employer-sponsored Disability & Life Insurance
• Professional Development
• This is a remote position with minimal travel