Lead Consultant - CMMC Cybersecurity Assessor

Description & Requirements

Our IT Risk & Compliance Advisory practice combines industry expertise and innovative solutions to help global companies exceed their strategic objectives. With a global footprint, our portfolio of fortune 1000 services clients spans industries including banking and finance, insurance, healthcare, and manufacturing, from large to middle markets.

Your New Career Challenge

Daily, you will have the opportunity to learn and work alongside a broad mix of highly talented subject matter leaders and team members both at Forvis Mazars and at our clients. You will have an environment to explore and experience emerging, and relevant topics based on your interests and alignment to your short and long-term career goals.

This role will be primarily focused on supporting CMMC consulting and assessment projects with U.S. Department of Defense contractor clients of all size, complexity, and industry, including international and Fortune 1000 companies. The right individual will help lead projects as an experienced subject matter resource with previous experience with various US federal compliance frameworks, including CMMC / NIST 800-171, FISMA, FedRAMP, and NIST CSF.

How you will contribute:

• Help execute information security risk and compliance assessments against federal and other government required cyber frameworks, including the Cybersecurity Maturity Model Certification (CMMC), NIST 800-171, NIST 800-53, FedRAMP/StateRAMP, and the NIST Cybersecurity Framework, among others.
• Assesses IT environments and identifies gaps and vulnerabilities that impair compliance with required standards and assists with the documenting of clear reporting with proof-of-concept and recommendations.
• Lead and conduct assessments based upon NIST 800-171, designed to comply with CMMC Level 2 certification assessments.
• Participate on consulting teams with large enterprise clients in multiple industries to:
• Assist organizations with defining boundaries of in-scope systems.
• Assisting clients with documentation development, including system security plans (SSP), policies/procedures, strategy development, and plans of action and milestones (POAMs).
• Define and integrate solutions, including tools, processes, and data flows to maintain required compliance obligations and reduce cyber risk.
• Effectively manage multiple projects concurrently, helping define and drive project management to keep projects on schedule and within budget.
• Help identify and define new strategic service offerings in the federal cyber compliance industry, build out solutions and roadmaps, and help train more junior team members in federal cyber compliance frameworks and client projects

Minimum Qualifications:

• Bachelor's Degree in Cybersecurity, MIS, Computer Science, or a similar discipline
• Experience providing consulting, assessment, or implementation services associated with federal cyber compliance frameworks, including NIST 800-171, FISMA, or FedRAMP.
• Working knowledge of cyber risk management frameworks (CMMC / NIST 800-171, FISMA, FedRAMP, NIST Cybersecurity Framework, NIST SP 800-53)
• General knowledge of common compliance frameworks (PCI DSS, ISO 27001, HIPAA/HITRUST)
• At least 4 years of experience in cybersecurity, IT audit, or governance, risk, and compliance required, including 1 - 2 of the following frameworks:
• NIST Cybersecurity Framework (CSF)
• Cybersecurity Maturity Model Certification (CMMC) and/or NIST SP 800-171
• Payment Card Industry Data Security Standard (PCI DSS) o ISO 27001 / 27002
• FedRAMP / StateRAMP
• FISMA and NIST SP 800-53 o CIS Critical Security Controls
• Must have a CMMC Certified Assessor (CCA) credential.

Preferred Qualifications:

• Cybersecurity and/or privacy related certifications (e.g., CISSP, CISA, CISM, QSA, CIPP, etc.)
• Previous professional services or consulting experience

#LI-TPA, #LI-ATL, #LI-CLTSP, #LI-DFW, #LI-TYS

#LI-GM1

With a legacy spanning more than 100 years, Forvis Mazars is committed to providing a different perspective and an unmatched client experience that feels right, personal and natural. We respect and reflect the range of perspectives, knowledge and local understanding of our people and clients. We take the time to listen to deliver consistent audit and assurance, tax, advisory and consulting services worldwide.

We nurture a deep understanding of our clients’ industries, delivering greater insight, deeper specialization and tailored solutions through people who listen to understand, are responsive and consult with purpose to deliver value.

About Forvis Mazars, LLP

Forvis Mazars, LLP is an independent member of Forvis Mazars Global, a leading global professional services network. Ranked among the largest public accounting firms in the United States, the firm’s 7,000 dedicated team members provide an Unmatched Client Experience® through the delivery of assurance, tax, and consulting services for clients in all 50 states and internationally through the global network. Visit forvismazars.us to learn more.

Forvis Mazars, LLP is an equal opportunity/affirmative action employer. Employment selection and related decisions are made without regard to age, race, color, sex, sexual orientation, national origin, religion, genetic information, disability, protected veteran status, gender identity, or other protected classifications.
It is Forvis Mazars, LLP standard policy not to accept unsolicited referrals or resumes from any source other than directly from candidates.

Forvis Mazars, LLP expressly reserves the right not to consider unsolicited referrals and/or resumes from vendors including and without limitation, search firms, staffing agencies, fee-based referral services, and recruiting agencies.
Forvis Mazars, LLP further reserves the right not to pay a fee to a recruiter or agency unless such recruiter or agency has a signed vendor agreement with Forvis Mazars, LLP.Any resume or CV submitted to any employee of Forvis Mazars, LLP without having a Forvis Mazars, LLP vendor agreement in place will be considered the property of Forvis Mazars, LLP.