CMMC Practice Lead

About the Job

SecureStrux is seeking a CMMC Practice Lead with experience in CMMC consulting and CMMC assessments. In this role, you will manage the CMMC line of business, leading a team of assessors delivering compliance and risk services to the Defense Industrial Base and Defense Agencies. This role requires a blend of business expertise, leadership, and technical proficiency, with approximately 75% of time dedicated to billable client work. An active Tier III / Secret Security Clearance is required.

Job Details

• Full Time, Exempt, Salaried
• Remote home office with up to 20% travel to client sites.

The Work You'll Do

• Lead and mentor a team of CMMC consultants, fostering collaboration, knowledge-sharing, and professional growth.
• Oversee and participate in client engagements, including compliance assessments, gap analyses, remediation planning, and readiness reviews, with a primary focus on CMMC, NIST 800-171, FedRAMP, NIST 800-53, FISMA, and related frameworks.
• Define assessment scopes for CMMC Level 1 and 2 and provide risk-based recommendations to clients based on findings.
• Support clients by developing remediation roadmaps and Plans of Action and Milestones (POA&Ms).
• Manage client relationships and communications, ensuring high-quality delivery and measurable results.
• Contribute to the maturity of the compliance practice by refining internal processes, methodologies, and delivery standards.
• Partner with Business Development to support proposals, level-of-effort estimates, and technical subject matter expertise for both federal and commercial opportunities.
• Stay current on evolving CMMC and DoD requirements to ensure SecureStrux remains at the forefront of compliance advisory services.
• Create detailed information security policies and procedures to ensure compliance with various standards, including CMMC Level 2 and ISO 27001/2.
• Support other compliance-related projects as needed.

What You'll Bring

• Associate or bachelor's degree, or equivalent experience, and 10+ years' experience
• Active Secret Clearance required to start
• Active Certified CMMC Professional (CCP) Certification required to start
• Active Certified CMMC Assessor (CCA) Certification required to start
• CISSP or equivalent required to start
• 10 years of Cybersecurity experience
• 5 years of assessment or audit experience
• Knowledge of and hands-on experience with CMMC, NIST 800-171, and related frameworks.
• Deep familiarity with, or experience performing security compliance assessments supporting a C3PAO.
• Experience implementing various security policy frameworks and control design.
• Experience supporting FedRAMP and/or RMF security assessments.

Preferred

• Certification as a Project Management Professional (PMP) is preferred.
• Experience as a Security control Assessor DoD or Federal Agencies is a plus

Salary Range: $90,000 - $150,000

Our Approach

At SecureStrux, we are committed to core values that guide the way we work with one another and our clients. As a team member, you will Create Team Synergy, Drive Continuous Innovation, Deliver with Integrity, and have the Freedom to Own it. Our thriving company culture supports our employees as they seek to grow with us!

What We Offer

Between our virtual environment where you can evaluate recent technologies and enhance your skills, and a generous annual professional development stipend, you will join a team that enjoys working on leading-edge technologies for world-class clients. We offer a robust total compensation package that includes comprehensive health benefits to support you and your family, flexible time off, continuing education allowance, a donation allowance for charitable causes, and a matched 401k.

Employment Types: Full-time

Work Arrangements: Hybrid