Manager - CMMC Cybersecurity Assessor
Multiple Locations: Charlotte, NC, USA • Atlanta, GA, USA • Tysons, VA, USA • Dallas, TX, USA • Tampa, FL, USA
Company Profile:
At FORVIS, your career is designed with a purpose. We want our team members to thrive professionally and feel the impact their work yields when serving clients, industries, and local communities. This starts by empowering team members to design a career journey that leverages their skills and fuels their passions.
Creating a best-in-class employee experience is at the heart of our vision for the future. With several industry focus areas, multiple service lines, and locations in five geographical regions across the country to choose from, the opportunities for your career are without limit.
About FORVIS
FORVIS is a Top-10 professional services firm providing assurance, tax, and advisory services, driven by our commitment to using our forward vision to provide rewarding career opportunities and deliver unmatched client experiences. Learn more at FORVIS.com
Design your career with purpose at FORVIS. For more information about our firm locations, visit FORVIS.com. FORVIS, LLP is an equal opportunity/affirmative action employer. Employment selection and related decisions are made without regard to age, race, color, sex, sexual orientation, national origin, religion, genetic information, disability, protected veteran status, or other protected classifications.
It is FORVIS's standard policy not to accept unsolicited referrals or resumes from any source other than directly from candidates.
• FORVIS expressly reserves the right not to consider unsolicited referrals and/or resumes from vendors including and without limitation, search firms, staffing agencies, fee-based referral services, and recruiting agencies.
• FORVIS further reserves the right not to pay a fee to a recruiter or agency unless such recruiter or agency has a signed vendor agreement with FORVIS.
• Any resume or CV submitted to any employee of FORVIS without having a FORVIS vendor agreement in place will be considered the property of FORVIS.
Requisition Number: 2234007
Position Title:
External Description:
Description & Requirements
Ready to Accelerate Your Career? Join our rapidly expanding advisory team!
Our IT Risk & Compliance Advisory practice combines industry expertise and innovative solutions to help global companies exceed their strategic objectives. With a global footprint, our portfolio of fortune 1000 services clients spans industries including banking and finance, insurance, healthcare, and manufacturing, from large to middle markets.
Your New Career Challenge
Daily, you will have the opportunity to learn and work alongside a broad mix of highly talented subject matter leaders and team members both at Forvis Mazars and at our clients. You will have an environment to explore and experience emerging, and relevant topics based on your interests and alignment to your short and long-term career goals.
This role will be primarily focused on supporting CMMC consulting and assessment projects with U.S. Department of Defense contractor clients of all size, complexity, and industry, including international and Fortune 1000 companies. The right individual will help lead projects as an experienced subject matter resource with previous experience with various US federal compliance frameworks, including CMMC / NIST 800-171, FISMA, FedRAMP, and NIST CSF.
How you will contribute:
- Help execute information security risk and compliance assessments against federal and other government required cyber frameworks, including the Cybersecurity Maturity Model Certification (CMMC), NIST 800-171, NIST 800-53, FedRAMP/StateRAMP, and the NIST Cybersecurity Framework, among others.
- Assesses IT environments and identifies gaps and vulnerabilities that impair compliance with required standards and assists with the documenting of clear reporting with proof-of-concept and recommendations.
- Lead and conduct assessments based upon NIST 800-171, designed to comply with CMMC Level 2 certification assessments.
- Participate on consulting teams with large enterprise clients in multiple industries to:
- Assist organizations with defining boundaries of in-scope systems.
• Define and integrate solutions, including tools, processes, and data flows to maintain required compliance obligations and reduce cyber risk.
- Effectively manage multiple projects concurrently, helping define and drive project management to keep projects on schedule and within budget.
- Help identify and define new strategic service offerings in the federal cyber compliance industry, build out solutions and roadmaps, and help train more junior team members in federal cyber compliance frameworks and client projects.
Minimum Qualifications:
- Bachelor's Degree in Cybersecurity, MIS, Computer Science, or a similar discipline
- Experience providing consulting, assessment, or implementation services associated with federal cyber compliance frameworks, including NIST 800-171, FISMA, or FedRAMP.
- Working knowledge of cyber risk management frameworks (CMMC / NIST 800-171, FISMA, FedRAMP, NIST Cybersecurity Framework, NIST SP 800-53)
- General knowledge of common compliance frameworks (PCI DSS, ISO 27001, HIPAA/HITRUST)
- At least 5 years of experience in cybersecurity, IT audit, or governance, risk, and compliance required, including 1 - 2 of the following frameworks:
o Cybersecurity Maturity Model Certification (CMMC) and/or NIST SP 800-171
o Payment Card Industry Data Security Standard (PCI DSS)
o ISO 27001 / 27002
o FedRAMP / StateRAMP
o FISMA and NIST SP 800-53
o CIS Critical Security Controls
- Must have a CMMC Certified Assessor (CCA) credential.
Preferred Qualifications:
- Cybersecurity and/or privacy related certifications (e.g., CISSP, CISA, CISM, QSA, CIPP, etc.)
- Previous professional services or consulting experience
#LI-TPA, #LI-ATL, #LI-CLTSP, #LI-DFW, #LI-TYS
#LI_GM1
City: Charlotte
State: North Carolina
Community / Marketing Title: Manager - CMMC Cybersecurity Assessor
Location_formattedLocationLong: Charlotte, North Carolina US
CountryEEOText_Description:
With a legacy spanning more than 100 years, Forvis Mazars is committed to providing a different perspective and an unmatched client experience that feels right, personal and natural. We respect and reflect the range of perspectives, knowledge and local understanding of our people and clients. We take the time to listen to deliver consistent audit and assurance, tax, advisory and consulting services worldwide.
We nurture a deep understanding of our clients’ industries, delivering greater insight, deeper specialization and tailored solutions through people who listen to understand, are responsive and consult with purpose to deliver value.
About Forvis Mazars, LLP
Forvis Mazars, LLP is an independent member of Forvis Mazars Global, a leading global professional services network. Ranked among the largest public accounting firms in the United States, the firm’s 7,000 dedicated team members provide an Unmatched Client Experience® through the delivery of assurance, tax, and consulting services for clients in all 50 states and internationally through the global network. Visit forvismazars.us to learn more.
Forvis Mazars, LLP is an equal opportunity/affirmative action employer. Employment selection and related decisions are made without regard to age, race, color, sex, sexual orientation, national origin, religion, genetic information, disability, protected veteran status, gender identity, or other protected classifications.
It is Forvis Mazars, LLP standard policy not to accept unsolicited referrals or resumes from any source other than directly from candidates.
Forvis Mazars, LLP expressly reserves the right not to consider unsolicited referrals and/or resumes from vendors including and without limitation, search firms, staffing agencies, fee-based referral services, and recruiting agencies.
Forvis Mazars, LLP further reserves the right not to pay a fee to a recruiter or agency unless such recruiter or agency has a signed vendor agreement with Forvis Mazars, LLP.Any resume or CV submitted to any employee of Forvis Mazars, LLP without having a Forvis Mazars, LLP vendor agreement in place will be considered the property of Forvis Mazars, LLP.