Cybersecurity Consultant – CMMC Certified Assessor (CCA) Position Available In Madison, Alabama
Job Description
Cybersecurity Consultant – CMMC Certified Assessor (CCA)
Gray Analytics
Huntsville, AL

Job Details:
Full-time
$130,000 – $200,000 a year
Posted 2 days ago

Benefits:
- Disability insurance
- Flexible spending account
- Paid time off
- 401(k) matching
- Professional development assistance
- Opportunities for advancement
- Pet insurance

Qualifications:
- CMMC
- Certified Information Systems Auditor
- GSEC
- Customer service
- Writing skills
- CISSP
- System architecture
- Secret Clearance
- HITRUST
- CEH
- CISM
- NIST standards
- Risk management
- Organizational skills
- ISO 27001
- GIAC Certification
- Cybersecurity
- Senior level
- CompTIA Security+
- RMF
- Leadership
- Communication skills
- Certified Information Privacy Professional
- Analytics

Full Job Description

Gray Analytics was founded in 2018 with a vision to bring innovative and creative solutions in the cybersecurity, IT, engineering, and scientific spheres. Our customers span across the commercial and federal domains with our goal being to bring excellent customer service to our clients and employees. Without the bureaucracy that often exists in larger corporations, Gray Analytics offers increased work flexibility, visibility in company progress, and greater opportunities for advancement. It’s with our employees’ support that we can help our clients achieve mission and operational success. At Gray Analytics, our goal is simple: to help our country, its businesses, and its organizations improve security in the Cyber realm. Period.
Position Title: Cybersecurity Consultant – CMMC Certified Assessor
Location: Fully Remote
Travel Required: 50% both CONUS and OCONUS
Status: Full-time; Exempt

Position Description:
Gray Analytics is seeking a motivated and dedicated Senior Cybersecurity Consultant who is recognized by the CyberAB as a CMMC Certified Assessor (CCA) to assess, advise, and support commercial clients.
Other duties may include:
- Conduct comprehensive assessments of Defense Industrial Base (DIB) organizational networks and systems to identify any vulnerabilities and to confirm they meet the necessary CMMC level requirements.
- Work with organizations to design and implement security measures and controls, in line with CMMC standards, to protect sensitive data and systems from infiltration and cyber-attacks.
- Coordinate with various teams within an organization to develop and implement the action plans necessary to achieve CMMC compliance.
- Assist organizations with the review and update of existing security policies and procedures to align with evolving CMMC requirements and best practices in cybersecurity.
- Prepare detailed reports on the status of an organization’s CMMC compliance.
- Keep abreast of the latest cybersecurity threats and trends, as well as updates to the CMMC framework.
- Achieve utilization targets, complete projects on time and budget, and meet quality standards.
- Study, learn, test, document, execute and seek to continuously improve scalable consulting services processes to effectively deliver customer engagements while achieving a high level of customer satisfaction.
- Execute project planning, scheduling, and other coordination of internal and customer resources to conduct interviews, meetings, and presentations.
- Prepare and deliver thoughtful, insightful, and professional presentations to customers and internal Gray Analytics stakeholders.
- Create, review and edit findings, observations, and recommendations reports.
- Become knowledgeable of Gray Analytics service offerings, sales process, marketing materials, contract and SOW structure, methodologies, delivery standards, work tools, and processes.
- Pursue additional education and stay current on best practices, technical skills, and tools related to the position’s duties.
This position has significant interaction with internal and external stakeholders, including colleagues, customers, partners, subcontractors, and potential investors. This position requires a strong customer service orientation and the ability to:
- Work independently on a variety of projects simultaneously
- Exercise good judgment and initiative to manage priorities
- Quickly develop trusting relationships with a variety of Defense Industrial Base compliance and information system professionals
- Pose questions and listen to customer responses effectively to draw out essential facts, data, business process descriptions, sensitivities, and perspectives
- Demonstrate strong organizational abilities, effective writing skills, and communications skills
- Develop presentations with clear messages and effective slides, and deliver these presentations to senior executives
- Lead teams of internal and external stakeholders to drive security projects forward
- Identify and manage client engagement risks and issues
Required Qualifications:
- Must be a CMMC Certified Assessor – CCA
- Strong understanding and experience with Cybersecurity Risk Management principles with an emphasis on Framework Adoptions. Specific expertise in at least one of the below frameworks required:
  o NIST Cybersecurity Framework (NIST CSF)
  o NIST Risk Management Framework (NIST RMF)
  o DoD Cybersecurity Policies including DFARS 7012, NIST 800-171 and CMMC
  o HIPAA Security Rule / HITRUST
  o ISO 27001
  o System and Organizational Controls (SOC)
  o Center for Internet Security (CIS)
- Ability and experience conducting Risk Assessments to include NIST 800-30 and/or CIS RAM methodologies.
- In-depth understanding of cyber security policy, tools, threat mitigation techniques, network topologies, and secure network design.
- Ability to identify project requirements, develop project costs/schedules, coordinate technical activities, and implement risk mitigation activities.
- Experience leading or conducting cyber assessments.
- Experience in designing and reviewing system architecture designs.
- Excellent technical writing and verbal communication skills.
- Ability to present findings and recommendations to an executive team or board.
Preferred Qualifications:
- CMMC Provisional Assessor (PA) / Certified Assessor (CCA) / Certified Professional (CCP)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Privacy Professional (CIPP)
- Certified Ethical Hacker (CEH) or equivalent
- Certified Incident Handler (ECIH) or equivalent
- CompTIA Security+, GIAC Security Essentials (GSEC), or equivalent
Security Requirements:
An Active Secret Clearance is required at the time of hire in order to be considered.

About Gray Analytics

Gray Analytics values our employees as our most important resource. To showcase these values, we offer not only traditional medical, disability, life, etc. coverages that begin on day one of employment, but also unique benefits to improve our employees’ quality of life. Some of these unique benefits include:
- A PTO policy based on total years of experience, not years of service to the company. PTO is available for use immediately at hire, subject to company needs.
- Eligibility for 401K contributions and company matching, Pet Insurance through Spot, Flexible Spending Account, and Tuition and Professional Development Funds begins on day one of employment.
- Charitable donations program on a yearly and quarterly basis where employees can nominate a non-profit of choice to receive donations.