Requirements and responsibilities
TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure.We are seeking an experienced CMMC (Cybersecurity Maturity Model Certification) Consultants to provide guidance and support to our team in achieving compliance with the latest CMMC 2.0 requirements. The consultant will work with our clients to help them navigate CMMC levels 1-3 and ensure continuous compliance with DoD cybersecurity regulations. This is a part-time, flexible position ideal for a subject matter expert with CMMC implementation experience.Start: Future projects late 2026 or 2027 (not an immediate job opening)Type: Part-time consultingKey Responsibilities:Assess Organizational Readiness: Evaluate current cybersecurity practices and gaps in relation to the three CMMC 2.0 levels (Foundational, Advanced, Expert).CMMC Certification Guidance: Provide expert advice on the steps required to achieve and maintain certifications for Levels 1, 2, 3 and 4. This includes guidance on self-assessments, third-party certifications, and government-led assessments.Compliance Strategy: Develop a comprehensive roadmap for achieving CMMC compliance, including identifying necessary controls and policies, implementing NIST SP 800-171/800-172 requirements, and addressing Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) security.Subcontractor Oversight: Assist prime contractors in ensuring that subcontractors meet CMMC certification requirements, implementing a robust supply chain compliance management system.Incident Reporting & Continuous Compliance: Provide guidance on establishing continuous monitoring and compliance processes, including the rapid reporting of security incidents (72-hour notification) and annual affirmations of compliance.Training & Awareness: Conduct training sessions for internal teams and contractors to understand the CMMC requirements and how to implement appropriate cybersecurity controls.Qualifications:Over 5 years of experience in cybersecurity consulting, specializing in DoD contracts, compliance frameworks (e.g., NIST SP 800-171), and CMMC implementationCertified CMMC Professional (CCP)Certified CMMC Assessor (CCA)Certified DOD CMMC assessor https://cyberab.org/CMMC-Ecosystem/Ecosystem-Roles/Assessing-and-CertificationExpertise in setting up an authorized CMMC Third Party Assessment Organization (C3PAO)Proficient with new CMMC 2.0 requirements and knowledgeable about the Department of Defense's recently released final rule for the Cybersecurity Maturity Model Certification (CMMC) Program.Experience working with the Defense Industrial Base (DIB) and handling Controlled Unclassified Information (CUI).Prior experience developing Plans of Action and Milestones (POA&M) for cybersecurity compliance.Familiarity with the latest DFARS Clause 252.204-7021 requirements and the implications of the August 2024 CMMC 2.0 updates.Technical Skills:Strong understanding of federal cybersecurity regulations such as DFARS and FISMA.Proficient in tools like eMASS and ACAS, with extensive knowledge of cybersecurity standards (NIST 800-171, NIST 800-172).Communication:Excellent written and verbal communication skills, with the ability to translate complex compliance details into clear, actionable guidance for non-technical audiences.Clearance:Active or recently active DoD security clearance (preferred but not required).Rate: $60-105/hr (1099 or Corp. To Corp.). This range represents a good-faith estimate and is not a guarantee; final compensation is determined by factors such as experience, qualifications, and government contract labor rate requirements and may fall outside the stated range.Equal Opportunity EmployerTestPros is an equal-opportunity employer and does not discriminate in employment based on race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or any other non-merit factor.Offer ConsiderationsTestPros considers several factors when extending an offer, including but not limited to, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, geographic location, education, and certifications.Federal ComplianceAs a federal contractor, TestPros is subject to all federal and state mandates and/or other customer requirements.
Optionally, you can add more information later (benefits, pre-screening questions, etc.)