Tenacious Solutions, LLC
CMMC (Cybersecurity Maturity Model Certification) Consultant
Tenacious Solutions, LLC, Arlington, Virginia, United States, 22201
CMMC (Cybersecurity Maturity Model Certification) Consultant
Tenacious Solutions, LLC is seeking a
CMMC (Cybersecurity Maturity Model Certification) Consultant
with an
active secret clearance
to provide guidance and support to our team in achieving compliance with the latest CMMC 2.0 requirements. This is a part-time, flexible position ideal for a subject matter expert with CMMC implementation experience. This position will be mainly remote, but may have occasional on-site requirements in Arlington, VA. Primary Job Duties And Responsibilities
Assess Organizational Readiness: Evaluate current cybersecurity practices and gaps in relation to the three CMMC 2.0 levels (Foundational, Advanced, Expert). CMMC Certification Guidance: Provide expert advice on the steps required to achieve and maintain certifications for Levels 1, 2, 3 and 4. This includes guidance on self-assessments, third-party certifications, and government-led assessments. Compliance Strategy: Develop a comprehensive roadmap for achieving CMMC compliance, including identifying necessary controls and policies, implementing NIST SP 800-171/800-172 requirements, and addressing Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) security. Incident Reporting & Continuous Compliance: Provide guidance on establishing continuous monitoring and compliance processes, including the rapid reporting of security incidents (72-hour notification) and annual affirmations of compliance. Technical Execution: Lead the technical implementation and execution of developed technical strategy. Training & Awareness: Conduct training sessions to understand the CMMC requirements and how to implement appropriate cybersecurity controls. Client Engagement: This role would potentially include consulting with our clients to assess and address CMMC requirements and support implementations. The Ideal Candidate Will Have
Active Secret Clearance or higher required Bachelor’s degree from an accredited university, preferably in an IT-related field. 5+ years of experience in the IT Security / Cybersecurity industry. Over 5 years of experience in cybersecurity consulting, specializing in DoD contracts, compliance frameworks (e.g., NIST SP 800-171), and CMMC implementation. Certification as a CMMC Registered Practitioner (RP), CMMC Assessor (CCA), or Certified CMMC Professional (CCP). Extensive knowledge of CMMC practices, NIST 800-171, and related frameworks (e.g., ISO 27001). Strong understanding of federal cybersecurity regulations such as DFARS and FISMA. Proficient in tools like eMASS and ACAS, with extensive knowledge of cybersecurity standards (NIST 800-171, NIST 800-172). Previous experience working for a CMMC RPO or C3PAO (Candidate or Authorized) is highly desired. Expertise in setting up an authorized CMMC Third Party Assessment Organization (C3PAO). Proficient with new CMMC 2.0 requirements and knowledgeable about the Department of Defense's recently released final rule for the Cybersecurity Maturity Model Certification (CMMC) Program. Experience working with the Defense Industrial Base (DIB) and handling Controlled Unclassified Information (CUI). Prior experience developing Plans of Action and Milestones (POA&M) for cybersecurity compliance. Familiarity with the latest DFARS Clause 252.204-7021 requirements and the implications of the August 2024 CMMC 2.0 updates. Proven ability to conduct gap analyses, remediation planning, and implementation advisory. Ability to track detailed tasks and ensure timely delivery of project deliverables. Ability to work independently and as a part of a team. Critical thinking and ability to balance security requirements with mission needs. Must be well-organized and detail-oriented with the ability to coordinate, prioritize multiple tasks, and be adaptable to change to accomplish assignments. Excellent written and verbal communication skills, with the ability to translate complex compliance details into clear, actionable guidance for non-technical audiences. Seniority level
Mid-Senior level Employment type
Contract Job function
Strategy/Planning and Information Technology Industries
Business Consulting and Services
#J-18808-Ljbffr
Tenacious Solutions, LLC is seeking a
CMMC (Cybersecurity Maturity Model Certification) Consultant
with an
active secret clearance
to provide guidance and support to our team in achieving compliance with the latest CMMC 2.0 requirements. This is a part-time, flexible position ideal for a subject matter expert with CMMC implementation experience. This position will be mainly remote, but may have occasional on-site requirements in Arlington, VA. Primary Job Duties And Responsibilities
Assess Organizational Readiness: Evaluate current cybersecurity practices and gaps in relation to the three CMMC 2.0 levels (Foundational, Advanced, Expert). CMMC Certification Guidance: Provide expert advice on the steps required to achieve and maintain certifications for Levels 1, 2, 3 and 4. This includes guidance on self-assessments, third-party certifications, and government-led assessments. Compliance Strategy: Develop a comprehensive roadmap for achieving CMMC compliance, including identifying necessary controls and policies, implementing NIST SP 800-171/800-172 requirements, and addressing Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) security. Incident Reporting & Continuous Compliance: Provide guidance on establishing continuous monitoring and compliance processes, including the rapid reporting of security incidents (72-hour notification) and annual affirmations of compliance. Technical Execution: Lead the technical implementation and execution of developed technical strategy. Training & Awareness: Conduct training sessions to understand the CMMC requirements and how to implement appropriate cybersecurity controls. Client Engagement: This role would potentially include consulting with our clients to assess and address CMMC requirements and support implementations. The Ideal Candidate Will Have
Active Secret Clearance or higher required Bachelor’s degree from an accredited university, preferably in an IT-related field. 5+ years of experience in the IT Security / Cybersecurity industry. Over 5 years of experience in cybersecurity consulting, specializing in DoD contracts, compliance frameworks (e.g., NIST SP 800-171), and CMMC implementation. Certification as a CMMC Registered Practitioner (RP), CMMC Assessor (CCA), or Certified CMMC Professional (CCP). Extensive knowledge of CMMC practices, NIST 800-171, and related frameworks (e.g., ISO 27001). Strong understanding of federal cybersecurity regulations such as DFARS and FISMA. Proficient in tools like eMASS and ACAS, with extensive knowledge of cybersecurity standards (NIST 800-171, NIST 800-172). Previous experience working for a CMMC RPO or C3PAO (Candidate or Authorized) is highly desired. Expertise in setting up an authorized CMMC Third Party Assessment Organization (C3PAO). Proficient with new CMMC 2.0 requirements and knowledgeable about the Department of Defense's recently released final rule for the Cybersecurity Maturity Model Certification (CMMC) Program. Experience working with the Defense Industrial Base (DIB) and handling Controlled Unclassified Information (CUI). Prior experience developing Plans of Action and Milestones (POA&M) for cybersecurity compliance. Familiarity with the latest DFARS Clause 252.204-7021 requirements and the implications of the August 2024 CMMC 2.0 updates. Proven ability to conduct gap analyses, remediation planning, and implementation advisory. Ability to track detailed tasks and ensure timely delivery of project deliverables. Ability to work independently and as a part of a team. Critical thinking and ability to balance security requirements with mission needs. Must be well-organized and detail-oriented with the ability to coordinate, prioritize multiple tasks, and be adaptable to change to accomplish assignments. Excellent written and verbal communication skills, with the ability to translate complex compliance details into clear, actionable guidance for non-technical audiences. Seniority level
Mid-Senior level Employment type
Contract Job function
Strategy/Planning and Information Technology Industries
Business Consulting and Services
#J-18808-Ljbffr