Note: The job is a remote job and is open to candidates in USA. SANS Institute is a globally recognized provider of information security training and certification. They are seeking a Compliance Project Manager Consultant to support their Technology team with project management services for the organization's CMMC Level 2 compliance initiative, focusing on technical transitions and business process transformations necessary for certification.
Responsibilities
- Validate and refine the existing CUI boundary to reduce remediation scope and confirm assessment readiness
- Coordinate activities across IT Security, IT Operations, IT Engineering, and business stakeholders to support implementation of required CMMC practices and controls
- Track compliance initiatives, dependencies, corrective action plans, and project deliverables through completion
- Coordinate policy, process, and documentation updates required to support compliance and assessment readiness
- Identify project risks, develop mitigation strategies, escalate issues as appropriate, and recommend corrective actions to maintain project objectives
- Deliver project closeout documentation, transition materials, and final reporting upon completion of the engagement
- Provide regular executive updates regarding project status, risks, budget, schedule, and overall assessment readiness
- Coordinate cloud infrastructure and system migration activities necessary to support CMMC compliance, working collaboratively with internal engineering and operations teams
- Facilitate cross-functional meetings, document action items, and maintain accountability for project milestones and agreed-upon deliverables
- Partner with the Internal Audit & Compliance team to coordinate assessments, evidence collection, documentation, and remediation activities
- Develop, maintain, and manage the integrated project plan, project schedule, milestones, dependencies, risk register, and executive status reporting
- Collaborate with stakeholders to ensure project objectives and deliverables are met
- Communicate progress, risks, and recommendations as needed
- Perform related project work and deliverables within the scope of the engagement, as mutually agreed upon
Skills
- Demonstrated experience managing cybersecurity, compliance, governance, or risk-focused IT projects
- Experience coordinating technical teams across security, infrastructure, cloud, engineering, and operations functions
- Demonstrated understanding of AWS and enterprise system architectures, with the ability to engage credibly with technical stakeholders regarding system dependencies, data flows, and compliance boundary considerations
- Ability to quickly assess existing compliance artifacts and develop an actionable project plan with minimal onboarding
- Strong project management, organizational, communication, facilitation, and stakeholder management skills in remote work environments
- Strong organizational, communication, and problem-solving skills
- Ability to work independently and manage priorities in a remote environment
- Demonstrated ability to deliver high-quality work within established timelines
- Working knowledge of CMMC, NIST SP 800-171, or comparable cybersecurity compliance frameworks, including the ability to engage with control requirements and System Security Plan (SSP)/implementation documentation
- Experience leading or coordinating a CMMC Level 2 compliance initiative through third-party assessment and certification
- Experience performing CUI boundary validation and remediation planning within an active compliance program
- Familiarity with AWS cloud infrastructure in regulated or compliance-driven environments
- PMP, CSM, CISSP, CISA, CRISC, or similar professional certifications
Benefits
- Approved business travel required for the engagement may be reimbursed in accordance with SANS travel and expense guidelines and must be approved in advance by a designated SANS representative.
Company Overview