Lead Consultant, CMMC Cybersecurity Assessor

Multiple Locations: Charlotte, NC, USA • Atlanta, GA, USA • Tysons, VA, USA • Dallas, TX, USA • Tampa, FL, USA

Apply

Company Profile:

At FORVIS, your career is designed with a purpose. We want our team members to thrive professionally and feel the impact their work yields when serving clients, industries, and local communities. This starts by empowering team members to design a career journey that leverages their skills and fuels their passions.

Creating a best-in-class employee experience is at the heart of our vision for the future. With several industry focus areas, multiple service lines, and locations in five geographical regions across the country to choose from, the opportunities for your career are without limit.

About FORVIS

FORVIS is a Top-10 professional services firm providing assurance, tax, and advisory services, driven by our commitment to using our forward vision to provide rewarding career opportunities and deliver unmatched client experiences. Learn more at FORVIS.com

Design your career with purpose at FORVIS. For more information about our firm locations, visit FORVIS.com. FORVIS, LLP is an equal opportunity/affirmative action employer. Employment selection and related decisions are made without regard to age, race, color, sex, sexual orientation, national origin, religion, genetic information, disability, protected veteran status, or other protected classifications.

It is FORVIS's standard policy not to accept unsolicited referrals or resumes from any source other than directly from candidates.

• FORVIS expressly reserves the right not to consider unsolicited referrals and/or resumes from vendors including and without limitation, search firms, staffing agencies, fee-based referral services, and recruiting agencies.
• FORVIS further reserves the right not to pay a fee to a recruiter or agency unless such recruiter or agency has a signed vendor agreement with FORVIS.
• Any resume or CV submitted to any employee of FORVIS without having a FORVIS vendor agreement in place will be considered the property of FORVIS.

Requisition Number: 2235857

Position Title:

External Description: Description & Requirements

The IT Risk & Compliance team helps organizations manage IT governance, cybersecurity, and regulatory compliance across industries. With expertise in frameworks like CMMC, NIST, and ISO 27001, they offer services including IT audits, risk assessments, ransomware simulations, and control testing. Their tailored strategies ensure data security, regulatory alignment, and operational continuity-empowering clients to navigate today's complex digital risk landscape with confidence.

What You Will Do:

  • Conduct information security risk and compliance assessments aligned with federal and government-mandated cybersecurity frameworks, including CMMC, NIST SP 800-171, NIST SP 800-53, FedRAMP/StateRAMP, and the NIST Cybersecurity Framework.
  • Evaluate IT environments to identify compliance gaps and vulnerabilities; document findings with clear reporting, proof-of-concept, and actionable recommendations.
  • Lead and perform assessments based on NIST SP 800-171 to support CMMC Level 2 certification readiness.
  • Collaborate with consulting teams serving large enterprise clients across various industries.
  • Assist organizations in defining system boundaries for in-scope environments.
  • Support clients in developing documentation such as System Security Plans (SSPs), policies and procedures, strategic plans, and Plans of Action and Milestones (POA&Ms).
  • Design and implement solutions-including tools, processes, and data flows-to meet compliance requirements and reduce cybersecurity risk.
  • Manage multiple concurrent projects, ensuring timely delivery and adherence to budget constraints.
  • Contribute to the development of new strategic service offerings in federal cybersecurity compliance; build solution roadmaps and mentor junior team members.

Minimum Qualifications:

  • Associate's Degree in Cybersecurity, Management Information Systems (MIS), Computer Science, or a related field; or a minimum of six years of relevant experience.
  • 4+ years of relevant experience in cybersecurity, IT audit, or governance, risk, and compliance
  • Experience in a minimum of 1 of the following frameworks:
    • NIST Cybersecurity Framework (CSF)
    • Cybersecurity Maturity Model Certification (CMMC) and/or NIST SP 800-171
    • Payment Card Industry Data Security Standard (PCI DSS) o ISO 27001 / 27002
    • FedRAMP / StateRAMP
    • FISMA and NIST SP 800-53 o CIS Critical Security Controls
  • Experience providing consulting, assessment, or implementation services associated with federal cyber compliance frameworks, including NIST 800-171, FISMA, or FedRAMP.
  • Working knowledge of cyber risk management frameworks (CMMC / NIST 800-171, FISMA, FedRAMP, NIST Cybersecurity Framework, NIST SP 800-53)
  • General knowledge of common compliance frameworks (PCI DSS, ISO 27001, HIPAA/HITRUST)
  • Proficiency in Microsoft Office Suite
  • CMMC Certified Assessor (CCA) credential

Preferred Qualifications:

  • Bachelor's Degree in Cybersecurity, MIS, Computer Science, or a relevant field
  • Professional services or consulting experience
  • Current and valid cybersecurity and/or privacy-related certification(s), including but not limited to the following: CISSP, CISA, CISM, QSA, and CIPP

#LI-TPA, #LI-ATL, #LI-CLTSP, #LI-DFW, #LI-TYS

#LI-GM1

City: Charlotte

State: North Carolina

Community / Marketing Title: Lead Consultant, CMMC Cybersecurity Assessor

Location_formattedLocationLong: Charlotte, North Carolina US

CountryEEOText_Description:

With a legacy spanning more than 100 years, Forvis Mazars is committed to providing a different perspective and an unmatched client experience that feels right, personal and natural. We respect and reflect the range of perspectives, knowledge and local understanding of our people and clients. We take the time to listen to deliver consistent audit and assurance, tax, advisory and consulting services worldwide.

We nurture a deep understanding of our clients’ industries, delivering greater insight, deeper specialization and tailored solutions through people who listen to understand, are responsive and consult with purpose to deliver value.

About Forvis Mazars, LLP

Forvis Mazars, LLP is an independent member of Forvis Mazars Global, a leading global professional services network. Ranked among the largest public accounting firms in the United States, the firm’s 7,000 dedicated team members provide an Unmatched Client Experience® through the delivery of assurance, tax, and consulting services for clients in all 50 states and internationally through the global network. Visit forvismazars.us to learn more.

Forvis Mazars, LLP is an equal opportunity/affirmative action employer. Employment selection and related decisions are made without regard to age, race, color, sex, sexual orientation, national origin, religion, genetic information, disability, protected veteran status, gender identity, or other protected classifications.
It is Forvis Mazars, LLP standard policy not to accept unsolicited referrals or resumes from any source other than directly from candidates.

Forvis Mazars, LLP expressly reserves the right not to consider unsolicited referrals and/or resumes from vendors including and without limitation, search firms, staffing agencies, fee-based referral services, and recruiting agencies.
Forvis Mazars, LLP further reserves the right not to pay a fee to a recruiter or agency unless such recruiter or agency has a signed vendor agreement with Forvis Mazars, LLP.Any resume or CV submitted to any employee of Forvis Mazars, LLP without having a Forvis Mazars, LLP vendor agreement in place will be considered the property of Forvis Mazars, LLP.