Sr. GRC Engineer (Government)

Workstreet

$90K — $130K *
US-Anywhere, Remote in United States
Aerospace & Defense
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of experience in defense contractor compliance and relevant cybersecurity frameworks such as CMMC and NIST.
  • 3+ years of leadership experience in managing small teams.
  • Deep knowledge of CUI handling requirements and relevant DFARS clauses.
  • Experience in implementing and assessing NIST SP 800-171 controls.
  • Familiarity with DoD supply chain requirements and contractor workflows.
  • Prior work with small to mid-sized defense contractors.

Responsibilities

  • Analyze and interpret CMMC and NIST SP 800-171 controls to ensure client compliance with defense standards.
  • Develop and maintain essential CMMC documentation like System Security Plans and Plans of Action & Milestones.
  • Conduct assessments for organizations preparing for CMMC certification.
  • Collaborate to identify and rectify cybersecurity gaps for contractors to meet CMMC requirements.
  • Guide clients through the CMMC assessment process and engage with Certified Third-Party Assessment Organizations.
  • Manage multiple CMMC compliance projects and ensure deadlines are met.
  • Lead and mentor a team of compliance professionals to achieve CMMC objectives.

Benefits

  • Opportunity to work in a dynamic startup environment with growing responsibilities.
  • Mentorship and leadership growth opportunities within the cybersecurity field.
  • Engagement with crucial defense contracting projects that support national security.
  • Ability to work remotely with flexible scheduling aligned to US Eastern Time.
Full Job Description

What You'll Do:
  • Analyze and interpret CMMC requirements and NIST SP 800-171 controls to ensure client compliance with Department of Defense cybersecurity standards.
  • Develop, implement, and maintain System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and other CMMC-required documentation.
  • Conduct gap assessments and readiness reviews for organizations pursuing CMMC certification.
  • Collaborate with defense contractors to identify and remediate gaps in their cybersecurity programs to meet CMMC Level 1 and Level 2 requirements.
  • Guide clients through the CMMC assessment process and coordinate with Certified Third-Party Assessment Organizations (C3PAOs).
  • Manage and coordinate multiple CMMC compliance projects across various defense contractors, ensuring timely completion before contract deadlines.
  • Lead and mentor a small team of compliance professionals to effectively deliver on CMMC objectives.
  • Stay current with evolving CMMC requirements, CMMC 2.0 rulemaking, and DoD cybersecurity policies.


Who You Are:
  • Strong organizational skills with the ability to manage multiple CMMC compliance projects concurrently.
  • 5+ years of experience in defense contractor compliance, CMMC, NIST 800-171, NIST 800-53, or FedRAMP implementation.
  • 3+ years of leadership experience managing or guiding a small team.
  • Deep understanding of CUI handling requirements and DFARS clauses ([redacted], [redacted], [redacted], [redacted]).
  • Experience with NIST SP 800-171 control implementation and assessment.
  • Familiarity with DoD supply chain requirements and defense contractor workflows.
  • Experience working with small to mid-sized defense contractors.
  • Knowledge of common GCC High, Azure Government, or AWS GovCloud environments.
  • Experience thriving in a fast-paced startup environment.


Preferred Qualifications:
  • CMMC Registered Practitioner (RP), CMMC Certified Professional (CCP), or CMMC Certified Assessor (CCA) certification.
  • Security+ or CISSP certification.
  • Experience with SPRS reporting and maintaining scores of 110.
  • Familiarity with ITAR compliance requirements.
  • Ability to obtain U.S. public trust security clearance.
  • Previous experience working directly with C3PAOs or as part of assessment teams.

Requirements:
  • Must be a US citizen or permanent resident (due to potential access to CUI).
  • Must be located in the United States.
  • Ability to obtain security clearance if required by client engagements.
  • Available for occasional travel to client sites within the US (estimated 10-20%).

Work Environment Requirements:
  • Reliable high-speed internet connection.
  • Quiet, professional home office setup.
  • Must be amenable to working US Eastern Time zone hours.
  • Fluency in written and verbal English communication.
