Boston Government Services

Lead CMMC Certified Assessor (CCA)

Boston Government Services, Los Alamos, New Mexico, US, 87545


Overview

The Lead CMMC Certified Assessor is responsible for the performance of cybersecurity framework assessments to determine compliance with Government-mandated cybersecurity regulatory requirements. This position is primarily responsible for Cybersecurity Maturity Model Certification (CMMC) assessments for Maturity Levels 1, 2, and 3, National Institute of Standards and Technology Special Publication (NIST SP) 800-171 assessments, and NIST SP 800-172 assessments, but may also be asked to conduct assessments against the NIST SP 800-53 Risk Management Framework (RMF), International Organization for Standardization (ISO) 27001, Center for Internet Security, and the NIST Cybersecurity Framework.

Responsibilities

Maintain CMMC documentation for BGS as a Certified Third-Party Assessor Organization (C3PAO) within the CMMC Ecosystem.

Conduct cybersecurity assessments for a broad range of customer environments to determine any gaps that exist between compliance requirements and actual implementation based on common NIST standards, such as NIST SP 800-53, NIST SP 800-82, and NIST SP 800-171.

Lead or participate in assessment teams to evaluate organizations against compliance standards.

Develop & manage assessment project plans.

Work with the customer to conduct interviews and observe technical implementations.

Provide guidance to customers, as needed, to facilitate compliance requirements.

Conduct compliance and cybersecurity workshops.

Create assessment reports and gap analysis reports.

Create System Security Plans, Plan of Action & Milestones, and security procedures.

Other duties as assigned.

Requirements

Associate's degree or higher (equivalent experience/military will be considered)

4 years of direct cybersecurity or Information Technology experience is required.

Must have a Lead CMMC Certified Assessor (CCA) certification.

Must have one or more of the following certifications:

Cybersecurity & Infrastructure Security Agency (CISA).

Certified Information Systems Security Professional (CISSP).

Certified Cloud Security Professional (CCSP).

Certified Information Security Manager (CISM).

CompTIA Advanced Security Practitioner (CASP+).

Certified Chief Information Security Officer (CCISO).

Global Information Assurance Certification (GIAC).

GIAC Certified Enterprise Defender (GCED).

GIAC Certified Incident Handler Certification (GCIH).

GIAC Security Leadership (GSLC).

Prior cybersecurity assessment experience is required.

Experience in technical document writing.

Experience in a security/compliance focused role with 3 to 5 years of experience performing technical security audits and risk assessments.

Minimum of 1 year of experience with cloud-based concepts with an emphasis on security and auditing Amazon Web Services (AWS) or Azure controls.

Ability to pass a federal background check.

Successful drug screening.

Must be eligible to obtain and maintain a security clearance.

Willingness to travel as needed.

Preferred Qualifications

3+ years of experience with cloud-based concepts with an emphasis on security and auditing AWS or Azure controls.

Location/Work Arrangement

This position is Remote with some travel / onsite requirements.

Benefits

BGS offers a competitive total compensation package to eligible employees. Benefits include Health, Dental, Vision, Life Insurance, Paid Vacation, 401K, Long and Short-Term Disability.

EEO

BGS is an Equal Opportunity/Affirmative Action employer. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.

Exclusive Agreement Disclaimer

BGS has standing contracts with federal agencies throughout the United States. We require an affirmative exclusive agreement to represent all candidates to our clients. By submitting this application, you are consenting to allow BGS to represent you as a candidate for the role in which you are applying.
