Senior GRC Engineer – CMMC

October 16

Apply Now

Receive Emails with Similar Jobs

Workstreet

WebsiteLinkedInAll Job Openings

Cybersecurity • Compliance • B2B

Workstreet is a managed security and compliance services provider that helps businesses automate and modernize their security programs. With expertise in compliance frameworks including SOC 2, ISO 27001, HIPAA, and GDPR, Workstreet supports companies in achieving their security and compliance outcomes efficiently. Their services include acting as a virtual Chief Information Security Officer (vCISO), full-scale penetration testing, and vendor risk management, aiming to streamline security processes while allowing businesses to focus on growth.

11 - 50 employees

Founded 2023

🔒 Cybersecurity

📋 Compliance

🤝 B2B

📋 Description

• Analyze CMMC and NIST SP 800-171 controls to ensure client compliance with Department of Defense cybersecurity standards. • Create and manage System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and other required CMMC documentation. • Perform readiness reviews to identify and address control deficiencies for organizations pursuing CMMC certification. • Partner with clients to close cybersecurity gaps and achieve CMMC Level 1 and Level 2 compliance. • Support clients through assessments and coordinate activities with Certified Third-Party Assessment Organizations (C3PAOs). • Oversee multiple client engagements, ensuring milestones and deliverables are met ahead of contract deadlines. • Mentor and guide a team of compliance professionals to achieve project goals and maintain quality standards. • Stay informed on CMMC 2.0 developments and DoD cybersecurity policies to ensure client programs remain compliant.

🎯 Requirements

• 5+ years of experience in defense contractor compliance, CMMC, NIST 800-171, NIST 800-53, or FedRAMP implementation • 3+ years of leadership experience managing or guiding a small team • Deep understanding of CUI handling requirements and DFARS clauses (252.204-7012, 252.204-7019, 252.204-7020, 252.204-7021) • Experience with NIST SP 800-171 control implementation and assessment • Familiarity with DoD supply chain requirements and defense contractor workflows • Experience working with small to mid-sized defense contractors • Knowledge of common GCC High, Azure Government, or AWS GovCloud environments • Ability to obtain U.S. public trust security clearance.

🏖️ Benefits

• Health insurance • 401(k) matching • Flexible work hours • Paid time off • Remote work options