ASCERA · 12 hours ago
Practice Manager, Director, Principal (NIST/CMMC)
ASCERA is seeking an experienced Services leader and Cyber Compliance professional to lead the growth and execution of their CMMC Compliance practice. The role involves shaping and scaling compliance services, ensuring customer delivery outcomes, and serving as a senior advisor to clients and internal teams.
Computer & Network Security
Responsibilities
Oversee and govern cybersecurity compliance engagements executed by senior consultants, ensuring consistent quality, methodology, and client outcomes
Provide senior advisory oversight for customer programs supporting DFARS, CMMC, FedRAMP, NIST CSF and NIST SP 800-171 initiatives
Own engagement success by partnering with client leadership to align regulatory requirements with business goals and risk tolerance
Review and validate assessment approaches, control testing strategies, and evidence packages for readiness and formal certification efforts
Build and scale practice capability through the creation of repeatable delivery processes and ongoing consultant development
Advise 112Cyber's ASCERA team on changing compliance requirements and rule interpretation to inform CMMC software development
Manage practice resources and capacity, aligning consultant skills and availability to active projects while balancing utilization, delivery timelines, and customer priorities
Oversee formal CMMC assessments conducted by assessment teams, ensuring adherence to C3PAO requirements, assessment methodology, and accreditation standards
Serve in the C3PAO QA role to ensure the effectiveness and accuracy of assessment results by validating that security measures align with CMMC practices and processes for the assigned maturity level
Review and approve evidence packages, including technical artifacts such as system logs, incident reports, and audit trails, to confirm compliance and defensibility of conclusions
Ensure consistent and unbiased assessment execution, maintaining strict objectivity and evidence-based decision making throughout the assessment lifecycle
Oversee assessment documentation and submission readiness for CMMC-AB, ensuring completeness, quality, and regulatory compliance across all C3PAO engagements
Maintain assessment integrity and consistency across the practice by enforcing standardized procedures, quality controls, and continuous improvement of the C3PAO program
Qualifications
Required
5-8+ years of experience in IT security controls testing and documentation, including responsibility for managing and overseeing client control testing efforts
5+ years of experience leading and coordinating external and internal audit activities, including DFARS, CMMC, NIST 800-53, or similar regulatory assessments
5+ years of experience producing high-quality technical documentation, compliance deliverables, and executive-level reports
3+ years of experience in practice leadership, including managing consultant performance, capacity planning, delivery quality, and continuous improvement of service offerings
Self-directed leader with a strong sense of ownership and accountability for outcomes
Proven ability to engage executive stakeholders, build trusted relationships, and influence decision-making
Exceptional communicator, able to translate complex technical and regulatory concepts into clear, actionable guidance for non-technical audiences
Preferred
Active Lead CMMC Certified Assessor (CCA) credential; if not CCA certified, willingness to obtain
One or more industry certifications such as CISSP, CISM, CISA, CRISC, or equivalent
Benefits
Competitive salary and bonus plan.
Long-term opportunity for equity interest in company.
Comprehensive medical, mental, and vision plans.
401(k) with company match.
30 days annual paid time off.
Significant training, development, and certification attainment.
Opportunity for long-term career advancement.
Company
ASCERA
ASCERA is a next-generation compliance software company focused on leveraging automation to minimize the pain of manual, administrative, and time-consuming tasks associated with security compliance.