MYCPE ONE - Cyber Security Compliance Manager (4-8 yrs)

Compliance Manager

- We are seeking highly skilled professionals with in-depth experience in NIST standards and frameworks, as well as expertise in performing FedRAMP, State RAMP, or CMMC assessments and engagements.

- The ideal candidate will have a strong understanding of federal cybersecurity compliance and regulations, as well as a proven track record of supporting organizations through compliance processes.

Key Responsibilities:

- Lead, manage, and execute NIST-based cybersecurity compliance engagements for federal, state, and private sector clients.

- Assist in the planning, execution, and assessment of FedRAMP, StateRAMP, and CMMC readiness assessments, and provide guidance for achieving certification.

- Collaborate with stakeholders to assess the security posture of cloud and IT systems and recommend improvements in line with NIST 800-53, NIST 800-171, NIST Cybersecurity Framework, and other relevant frameworks.

- Develop and review security policies, procedures, and risk assessments to ensure they align with NIST and other regulatory requirements.

- Review system security plans (SSPs), security controls, and other documentation for compliance with federal and state security standards.

- Conduct gap analyses, risk assessments, and vulnerability assessments to identify areas of non-compliance and propose corrective actions.

- Provide hands-on assistance with control selection, control implementation, and control testing for NIST-based frameworks (e.g., NIST 800-53, NIST 800-171, NIST SP 800-37).

- Assist with creating, submitting, and managing required documentation for FedRAMP, StateRAMP, and CMMC certification packages.

- Support clients through the assessment and continuous monitoring phases of compliance to ensure adherence to established security standards.

- Stay up-to-date with changes to regulatory requirements and industry best practices.