CMMC Manager

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You'll find an environment that inspires and empowers you to thrive both personally and professionally. There's no one like you and that's why there's nowhere like RSM.

Information Security CMMC Manager

The Information Security CMMC Manager is responsible for identifying, reporting on and recommending remediations for technical risks to firm and client information. Key roles for this position include applying information security controls frameworks to IT environments in production and in development and aligning information security controls with DevOps pipelines. This position is the RSM subject matter expert on Cybersecurity Maturity Model Certification (CMMC) and its certification requirements, NIST-CSF, and RSM security standards across RSM IT environments. These controls may apply to corporate IT, Line of Business, and Vendor managed on-premise or cloud hosted IT environments.

ESSENTIAL DUTIES:

• Lead research analysis efforts to document, develop, apply, evaluate and test the effectiveness of security controls and compliance with standard security frameworks with a focus on CMMC level 2 and NIST 800-53/171/171A
  
• Manage, lead, and organize tasks to document, design, control, and protect information systems supporting sensitive client data with mandated compliance requirements (i.e., Controlled Unclassified Information, ITAR, EAR)
  
• Manages roadmap for technical systems and technology project compliance with documented security policy, standards and stated control frameworks
  
• Communicates the effectiveness of security controls to Information Security leadership and the business. Recommends mitigating controls.
  
• Provide Subject Matter Expertise and leadership in multiple areas supporting security policy, standards, security compliance, project related work, and other Information Security functions.
  
• Manage security integration into the DevOps pipeline.
  
• Other duties as assigned

QUALIFICATIONS:

EDUCATION/CERTIFICATIONS

Required:

• Bachelor's degree
• or equivalent work experience

Preferred:

• CISM, CMMC CCP

TECHNICAL/SOFT SKILLS

Required:

• Critical and structured thinking, formal analytic methods
• Ability to brief executives and a variety of stakeholders
• Solid understanding of security applied to OS, applications, networking, cloud, mobile, etc.
• Ability to perform under pressure and handle multiple priorities

EXPERIENCE

Required:

• 10+ years information security experience
• Ability to perform under pressure and handle multiple priorities
• Experience and familiarity with CMMC, NIST 800-53, 800-171 and 800-171A

LEADERSHIP SKILLS

Required:

• Experience leading multidisciplinary groups and organizations through security incidents is required.
• Ability to communicate and influence technical IT operators as well as very senior leadership.
• Cultural Leadership - Build, develop, and maintain rapport with IT counterparts, other stakeholders, and internally

At RSM, we offer a competitive benefits and compensation package for all our people.We offer flexibility in your schedule, empowering you to balance life's demands, while also maintaining your ability to serve clients.Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.

All applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender; sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law.

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership.RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please call us at 800-274-3978 or send us an email at careers@rsmus.com.

RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). If you are a recent U.S. college / university graduate possessing 1-2 years of progressive and relevant work experience in a same or similar role to the one for which you are applying, excluding internships, you may be eligible for hire as an experienced associate.

RSM will consider for employment qualified applicants with arrest or conviction records in accordance with the requirements of applicable law, including but not limited to, the California Fair Chance Act, the Los Angeles Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the San Francisco Fair Chance Ordinance. For additional information regarding RSM's background check process, including information about job duties that necessitate the use of one or more types of background checks, click here.

At RSM, an employee's pay at any point in their career is intended to reflect their experiences, performance, and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, location, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range.