We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
Back to search results / More jobs like this
Back to search results
Forvis Mazars, LLP jobs

Lead Consultant, CMMC Cybersecurity Assessor

Forvis Mazars, LLP
United States, Virginia, Tysons
1410 Spring Hill Road (Show on map)
Mar 31, 2025


General information
Name
Consulting - IT Risk & Compliance - CMMC Cybersecurity Assessor - Lead Consultant
Posting Title
Lead Consultant, CMMC Cybersecurity Assessor
Ref #
2234798
Date Published
Monday, March 31, 2025
City
Charlotte
State
North Carolina
Country
United States
Job Category
Risk Advisory
Office
IT Risk & Compliance (Forvis)
Advertised Location
US-FL-Tampa Bay, US-GA-Atlanta, US-NC-Charlotte, US-TX-Dallas, US-VA-Tysons
Working time
Full Time

Description & Requirements
Our IT Risk & Compliance Advisory practice combines industry expertise and innovative solutions to help global companies exceed their strategic objectives. With a global footprint, our portfolio of fortune 1000 services clients spans industries including banking and finance, insurance, healthcare, and manufacturing, from large to middle markets.
Your New Career Challenge
Daily, you will have the opportunity to learn and work alongside a broad mix of highly talented subject matter leaders and team members both at Forvis Mazars and at our clients. You will have an environment to explore and experience emerging, and relevant topics based on your interests and alignment to your short and long-term career goals.
This role will be primarily focused on supporting CMMC consulting and assessment projects with U.S. Department of Defense contractor clients of all size, complexity, and industry, including international and Fortune 1000 companies. The right individual will help lead projects as an experienced subject matter resource with previous experience with various US federal compliance frameworks, including CMMC / NIST 800-171, FISMA, FedRAMP, and NIST CSF.
How you will contribute:
  • Help execute information security risk and compliance assessments against federal and other government required cyber frameworks, including the Cybersecurity Maturity Model Certification (CMMC), NIST 800-171, NIST 800-53, FedRAMP/StateRAMP, and the NIST Cybersecurity Framework, among others.
  • Assesses IT environments and identifies gaps and vulnerabilities that impair compliance with required standards and assists with the documenting of clear reporting with proof-of-concept and recommendations.
  • Lead and conduct assessments based upon NIST 800-171, designed to comply with CMMC Level 2 certification assessments.
  • Participate on consulting teams with large enterprise clients in multiple industries to:
    • Assist organizations with defining boundaries of in-scope systems.
    • Assisting clients with documentation development, including system security plans (SSP), policies/procedures, strategy development, and plans of action and milestones (POAMs).
    • Define and integrate solutions, including tools, processes, and data flows to maintain required compliance obligations and reduce cyber risk.
  • Effectively manage multiple projects concurrently, helping define and drive project management to keep projects on schedule and within budget.
  • Help identify and define new strategic service offerings in the federal cyber compliance industry, build out solutions and roadmaps, and help train more junior team members in federal cyber compliance frameworks and client projects
Minimum Qualifications:
  • Associate's Degree in Cybersecurity, MIS, Computer Science, or a similar discipline or 6 years of relevant industry experience
  • Experience providing consulting, assessment, or implementation services associated with federal cyber compliance frameworks, including NIST 800-171, FISMA, or FedRAMP.
  • Working knowledge of cyber risk management frameworks (CMMC / NIST 800-171, FISMA, FedRAMP, NIST Cybersecurity Framework, NIST SP 800-53)
  • General knowledge of common compliance frameworks (PCI DSS, ISO 27001, HIPAA/HITRUST)
  • At least 4 years of experience in cybersecurity, IT audit, or governance, risk, and compliance required, including 1 - 2 of the following frameworks:
    • NIST Cybersecurity Framework (CSF)
    • Cybersecurity Maturity Model Certification (CMMC) and/or NIST SP 800-171
    • Payment Card Industry Data Security Standard (PCI DSS) oISO 27001 / 27002
    • FedRAMP / StateRAMP
    • FISMA and NIST SP 800-53 oCIS Critical Security Controls
  • Must have a CMMC Certified Assessor (CCA) credential.
Preferred Qualifications:
  • Bachelor's Degree in Cybersecurity, MIS, Computer Science, or a similar discipline
  • Cybersecurity and/or privacy related certifications (e.g., CISSP, CISA, CISM, QSA, CIPP, etc.)
  • Previous professional services or consulting experience
#LI-TPA, #LI-ATL, #LI-CLTSP, #LI-DFW, #LI-TYS
#LI-GM1

Applied = 0
MORE JOBS LIKE THIS
#alert

(web-6468d597d4-m4rwd)