CMMC Consultant (Remote)

Job Title: CMMC ConsultantLocation: Remote (U.S. based)Employment Type: Full-timeRequired Qualifications: Handson experience conducting CMMC and NIST 800171 gap assessments and readiness evaluations using repeatable, structured methodologies Demonstrated ability to advise customers on compliance scoping decisions, including enclavebased approaches, fullenvironment implementations, and shared responsibility considerations Experience coordinating across identity and access management, endpoint security, logging and monitoring, and security tooling workstreams Strong clientfacing communication skills with a proven ability to bridge technical compliance detail and executivelevel business context Ability to independently manage multistakeholder compliance engagements across advisory, planning, and implementation phasesRole Overview & Responsibilities: Lead CMMC readiness, advisory, and implementation engagements across a portfolio of Defense Industrial Base (DIB) clients Plan and execute CMMC and NIST 800171 readiness assessments and gap analyses, documenting findings and prioritized remediation paths Advise customers on compliance strategy and scoping including the operational tradeoffs of enclavebased versus fullscope approaches Coordinate implementation activities spanning identity management, endpoint hardening, boundary protection, and logging and monitoring Collaborate with internal engineering teams, customer stakeholders, and external C3PAO partners to ensure consistent, highquality engagement delivery Translate complex technical requirements into clear, actionable guidance for business and executive audiences Support customers through all preassessment phases, including readiness evaluation, control remediation, and POAM execution Manage engagement timelines, milestone tracking, and stakeholder communication across multiple concurrent projects Contribute to presales and solution positioning activities, including customer discovery and proposal support Deliver practical, operationally grounded guidance focused on implementing and sustaining security controls not just achieving paper complianceCertifications: CCP or be willing/able to obtain within 2 months of hire Additional professional certifications such as CMMC RP/A, CISSP, or CISA are highly desirable.