Information Security Compliance Manager
About the role
This role serves as the primary technical authority on the Cybersecurity Maturity Model Certification (CMMC) framework, leading Re:Build’s cross-functional compliance efforts, including maintenance of our existing Level 2 certification and expansion to include new business units, including CUI scoping, internal gap and mock assessments, control implementation, training, documentation, and certification assessment.
Responsibilities
- Lead detailed gap analyses across technical, administrative, and physical controls to identify deficiencies and required remediation at both certified entities and entities pursuing CMMC certification.
- Translate CMMC practices into clear, actionable technical requirements for IT, Engineering, Manufacturing, Security, HR, and other impacted teams.
- Guide and validate the implementation of required controls, ensuring alignment with CMMC and NIST SP 800-171 assessment criteria.
- Support CUI scoping activities including asset inventory validation, boundary definition, and data flow mapping.
- Develop and implement compliance policies, procedures, and standards for cybersecurity, and assist other functions and business units in developing their own.
- Collaborate with assessors to support readiness and certification activities.
- Conduct risk assessments and provide recommendations to mitigate cybersecurity and compliance risks.
- Assess and report progress toward compliance objectives, including readiness status and control maturity.
- Advise leadership on compliance risks, technical challenges, and factors that may impact certification timelines or sustainment.
- Generate reports for cybersecurity leadership and contribute to executive level updates.
- Provide formal and ad-hoc guidance and training to employees on cybersecurity compliance matters, including CMMC-specific responsibilities.
- Represent the security function in meetings, planning sessions, and cross-functional initiatives, including travel to sites as needed.
Requirements
- A bachelor's degree in information technology, cybersecurity, related field, or equivalent experience.
- Current cybersecurity certification (one or more of: CISSP, CISM, CISA, CCP, or CCA).
- Extensive hands on experience interpreting, implementing, and assessing CMMC, NIST SP 800-171, DoD, and ITAR cybersecurity requirements.
- Strong analytical skills, attention to detail, and ability to provide clarity in complex, unprecedented or ambiguous environments.
- Strong organizational, communication and interpersonal skills with the ability to guide and influence technical and non-technical teams.
- Proficiency with compliance tracking tools, GRC platforms, and project management tools.
Qualifications
- To conform to U.S. Government technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C 1324b(a)(3), or eligible to obtain the required authorizations from the U.S.
Skills
- Knowledge of CMMC, NIST SP 800-171, DoD, and ITAR cybersecurity frameworks.
- Experience in conducting gap analyses and implementing cybersecurity controls.
- Ability to translate technical requirements into actionable items for various teams.
- Strong collaboration and communication skills.
- Proficiency in compliance tracking and project management tools.
Benefits
The base salary range for this position is $134,000 – $215,000 per year. This range represents the Company’s good faith estimate of the base compensation for this role at the time of posting. Actual compensation will be determined based on several factors, including but not limited to relevant experience, skills, qualifications, internal equity, and geographic location. In addition to base salary, this role may be eligible for annual incentive compensation and/or long-term incentives, subject to Company plans. The Company offers a comprehensive benefits package including medical, dental, vision, retirement, paid time off, and other benefits.
Pay
The base salary range for this position is $134,000 – $215,000 per year.
Schedule
The schedule for this role is not specified.