CMMC/Quality Manager jobs in United States

Nottingham Spirk · 17 hours ago

CMMC/Quality Manager

Nottingham Spirk is a Cleveland, Ohio-based design services consultancy that specializes in product innovations and quality management. They are seeking an experienced CMMC/Quality Manager to lead compliance and quality strategies, ensuring adherence to industry standards, and collaborating cross-functionally to maintain high-quality systems and processes.

Consulting
No H1B; U.S. Citizen Only

Responsibilities

Oversee implementation and ongoing adherence to NIST SP 800-171 controls related to the protection of Controlled Unclassified Information (CUI)
Collaborate with IT Networking teams and Managed Services Partner (MSP) to assess cybersecurity posture and implement required safeguards
Maintain documentation including SSP (System Security Plan), POA&M (Plan of Action & Milestones), incident response procedures, and audit records
Lead preparation for Dept of War or customer compliance assessments, including CMMC readiness and assessments
Train personnel on security practices, data-handling requirements, and quality-related compliance procedures
Maintain knowledge of the most current updates in NIST and CMMC requirements and develop plans for updating NS policies, procedures and artifacts accordingly
Develop, document, implement, and maintain the company's Quality Management System (QMS)
Create, refine, and enforce quality and compliance policies, standard operating procedures, and documentation controls
Lead internal and external quality audits; coordinate corrective and preventive actions (CAPA)
Track and analyze compliance and quality metrics; drive data-based improvements across the organization
Oversee supplier compliance, quality, incoming inspections, non-conformance management, and root-cause analysis
Work closely with networking/IT teams to ensure that systems impacting quality or compliance are properly configured, monitored, and secured
Understand network diagrams, data flows, and system interactions relevant to quality systems and CUI management
Evaluate and validate technical controls such as access management, system hardening, logging, and encryption to ensure alignment with NIST requirements
Support validation of connected systems used in development, testing, or data collection
Lead cross-functional problem-solving initiatives and process improvements
Compliance planning for implementation of new technologies including AI tools
Mentor and guide team members on quality principles, documentation, and compliance requirements
Serve as the primary quality and compliance liaison to customers, suppliers, and regulatory bodies
Facilitate communication between engineering, operations, IT teams, and executive leadership
Support medical, aviation, automotive or other compliance standards as required by non-DoW clients

Qualification

CMMC, NIST 800-171, Quality Management System, Compliance Audits, Networking Concepts, Security+ Certification, CISA Certification, Compliance Tools, ISO-9001, Leadership Skills, Documentation Skills, Communication Skills

Required

Bachelor's degree in Engineering, Quality, Information Technology, Cybersecurity, or a related field
Minimum 7 years of experience in compliance/quality management or quality engineering
Direct experience implementing or maintaining NIST SP 800-171 and CMMC policies and procedures
Demonstrated success leading audits, investigations, and process-improvement projects
Due to compliance with U.S. export control laws and regulations, the candidate must be a U.S. Person, defined as a U.S. citizen, a U.S. permanent resident, or a person with protected status in the U.S. under asylum or refugee status
Working knowledge of networking concepts (e.g., firewalls, VLANs, access control, encryption, endpoint security)
Excellent documentation, communication, and leadership skills
Demonstrated experience in influential leadership across multiple teams
Ability to teach audit participation techniques
Knowledge of DoW contracting requirements and cybersecurity regulations
Experience with compliance and quality management tools (e.g., Drata, control plans)

Preferred

Certification: Security+, DoW Cybersecurity, CISA, or similar
Experience within product development, engineering services, or technology environments
Any Microsoft Certifications or GCC High familiarity
Familiarity with secure product development practices or controlled information workflows

Benefits

Flexible, comprehensive benefit package
Fun, team-based culture
Opportunity to learn and grow
And dog-friendly environment

Company

Nottingham Spirk

Nottingham Spirk is a leading business and product innovation firm founded in 1972.

Funding

Current Stage
Growth Stage

Leadership Team

John Spirk
Co-CEO
Company data provided by crunchbase