Manager – Cybersecurity Compliance Advisory

Company Description

Accorian is an established cybersecurity advisory and consulting firm headquartered in New Jersey with regional offices in India, Canada and UAE. In today’s dynamic digital world, we serve a global clientele, helping businesses of all sizes strategize cybersecurity initiatives, identify risks, develop solutions and achieve necessary compliance, along with program management, incident response and penetration testing. Our team comprises cybersecurity & IT industry veterans who’ve held leadership & CXO roles at large global enterprises, thereby enriching the consistent mentorship culture of the organization. We have a special focus on the unicorns of tomorrow amongst Fintechs, HealthTechs and other SaaS.

Role Description

This role will be responsible for leading client-facing CMMC readiness engagements using Accorian’s CMMC delivery methodology, including scope review, gap assessment, remediation advisory, mock audit readiness validation, and C3PAO pass-off support. The ideal candidate will have hands-on experience with CMMC Level 2, NIST SP 800-171, NIST Cybersecurity Framework, cloud security architecture, Microsoft GCC / GCC High, AWS GovCloud, Google Distributed Cloud environments, and audit/testing activities across platforms such as Microsoft Azure, Microsoft 365, AWS, and/or Google Cloud Platform.

Mandatory Skill Sets

▪ Relevant bachelor’s and master’s degree in computer science/ IT Auditing/ Information Systems/ privacy.
▪ Strong communication skills, executive presence and the ability to manage engagement activities from planning through reporting.
▪ Strong working knowledge of:
  o CMMC Level 2
  o NIST SP 800-171
  o NIST Cybersecurity Framework
  o Microsoft GCC / GCC High / AWS GovCloud compliance considerations
  o Security assessment and audit methodologies
▪ Experience performing readiness assessments, gap assessments, remediation advisory, mock audits, or control testing.
▪ Hands-on knowledge of cloud security concepts and compliance considerations for at least one major cloud platform:
  o Microsoft Azure / Microsoft 365
  o Microsoft GCC / GCC High
  o AWS / AWS GovCloud
  o Google Cloud Platform
▪ Relevant certifications such as:
  o CCP, CCA, CISA, CISSP, CISM, CRISC
  o ISO 27001 Lead Auditor / Lead Implementer
  o CCSFP
  o Microsoft, AWS, or Google Cloud security certifications
▪ Detail-oriented with strong audit discipline and documentation quality.
▪ Comfortable working independently while also collaborating with delivery teams.
▪ Able to balance advisory support with assessor independence considerations.

Key Responsibilities

CMMC Readiness & Advisory Delivery

▪ Lead and support CMMC readiness assessments, with a focus on CMMC Level 2 and NIST SP 800-171 requirements.
▪ Assess client environments, policies, procedures, technical configurations, and evidence against applicable CMMC practices.
▪ Support the development and review of key CMMC artifacts, including:
  o System Security Plans
  o Scope narratives
  o Asset inventories
  o Data flow diagrams
  o Network diagrams
  o Shared responsibility matrices
  o POA&M / remediation roadmaps
  o Evidence request lists and evidence trackers
  o Control narratives and assessment workpapers
▪ Identify control gaps, assess implementation maturity, and develop clear remediation recommendations.
▪ Conduct interviews and walkthroughs with client stakeholders, including IT, security, compliance, operations, and executive teams.
▪ Support mock assessments, evidence reviews, remediation tracking, and readiness validation activities.

Cloud Security, GCC / GCC High & Compliance

▪ Evaluate cloud environments against CMMC, NIST SP 800-171, and NIST CSF requirements.
▪ Review cloud security controls across Microsoft Azure, Microsoft 365, GCC, GCC High, AWS, and/or GCP, including identity and access management, logging, encryption, endpoint management, network segmentation, monitoring, and incident response.
▪ Assess cloud-native and hybrid environments involving Microsoft 365 Commercial, Microsoft 365 GCC, Microsoft 365 GCC High, Azure Government, AWS GovCloud, Google Distributed Cloud, commercial cloud, and related SaaS platforms.
▪ Support CMMC scoping discussions involving CUI, FCI, GCC High migration, enclave design, conditional access, tenant segmentation, secure collaboration, and shared responsibility considerations.
▪ Help clients understand cloud compliance considerations related to CUI handling, data residency, inheritance, segmentation, and secure architecture.
▪ Review security configurations and governance considerations for specialized, secure cloud environments, including MFA, conditional access, audit logging, encryption, device compliance, and endpoint management.

Audit, Risk, and Framework Alignment

▪ Perform control testing, evidence review, and audit-style documentation procedures.
▪ Apply strong knowledge of NIST CSF, NIST SP 800-171, and cybersecurity control frameworks to client assessments.
▪ Prepare professional workpapers, findings, and client-ready deliverables.
▪ Support framework mapping and advisory activities involving other standards when applicable, including SOC 2, ISO 27001, HITRUST, FedRAMP readiness, or penetration testing programs.
▪ Help clients translate compliance requirements into practical operational and technical security improvements.

Client Management & Delivery Leadership

▪ Serve as a client-facing engagement lead or senior delivery resource.
▪ Drive project execution, including planning, meeting facilitation, status reporting, issue tracking, and deliverable management.
▪ Communicate findings clearly to both technical and non-technical stakeholders.
▪ Manage multiple client priorities while maintaining quality, timelines, and delivery expectations.
▪ Support internal team members through coaching, review, and quality assurance of work products.
▪ Contribute to methodology development, templates, tools, and process improvements for CMMC and cloud compliance services.