The CMMC Program Manager will be responsible for building and executing the CMMC Security Program at Georgia Tech. The ideal candidate for this role is someone who can thrive in a fast-paced, dynamic environment. In addition, this role will support GT departments and staff in CMMC compliance research and research proposal development for funding complex, multidisciplinary DOD proposals. This role will strategically collaborate with other research entities within Georgia Tech to coordinate, develop, fund, and implement CMMC compliant DOD Research projects into cohesive programmatic thrusts that can be leveraged into academic, industry, government, and community partnerships. In addition, CMMC Program Manager is a critical role of our overall efforts to security our DOD Research environments while increasing our ability to leverage our digital assets towards achieving excellence.
Key objectives of the CMMC Program Manager are as follows:
1. Promote CMMC Compliance as a shared responsibility across Georgia Tech’s Research Community
2. Increase the skills and capabilities within the Georgia Tech CMMC Security Program
3. Create pathways for career advancement into cybersecurity and CMMC Framework
The CMMC Program Manager role at Georgia Tech has responsibilities for the following within the unit they represent, with direction and oversight from the Cyber Security Office:
– Oversee all CMMC Security Program activities for CUI Research Projects at Georgia Tech. Collaborating with
key stakeholders to determine relevant in-scope controls, to identifying significant changes that warrant
special handling, to following significant change processes.
– Work toward process improvement and enhance capability maturity, performing redesign and developing
plans, requirements, and compliance specifications for automation.
– Develop and maintain the calendar of compliance requirements for assigned identified control owners.
– Collaborate with a range of stakeholders from individual contributors to senior leadership to external parties
including Gov/Agency Partners and/or Third-Party Security Assessors.
– Drive activities related to the remediation of CMMC Requirements Gaps, technical security, and compliance
risks with cross-functional teams, including, but not limited to, engaging third party services, leading meetings,
assigning, and tracking work items, producing reports, and escalating risks and issues.
– Financial management of the CMMC program to ensure maximization of investments to ensure security while
increasing support for research activities.
Cybersecurity Maturity Model Certification is responsibility of the entire Georgia Tech Research Community. As such, a collaborative approach is necessary for effectively protecting our digital assets and capabilities from threats attempting to obtain GT’s Control Unclassified DOD Research Information.
The CMMC Security Program must work with other IT and functional leaders across campus to create a balanced approach to securing our research environments while empowering our stakeholders to meet their goals and objectives. GT, like many large R1 organizations, must become CMMC 2.0 Compliant by mandate of the Federal Government to continue to obtain Federal DOD Research Projects.
CMMC 2.0 compliance is complex and multifaceted, thus requiring that we marshal all our efforts to work together to mitigate them or ensure that we maintain operations within our risk tolerance level.
It is often challenging to apply one set of standards across the entire institution without causing increased friction to the progress needed for conducting core Institute business – instruction, research, and service. To evolve to a mature CMMC Security Program that caters to the needs of our various constituents, will require that all voices are represented in the development and implementation of CMMC key policies, standards, projects, and processes.
This position is 100 percent remote. Out of state candidates can be submitted.
related work experience in Information Security or relevant Compliance roles supporting sensitive Federal Research Projects (e.g., DFARS (2 years)
PMP Certification (0 years)
Knowledge of Federal Regulations for Cybersecurity Maturity Model Certification 2.0 Requirements (2 years)
IT security knowledge (0 years)
Bachelor’s degree or equivalent in Security, Computer Science, Management Information Systems, Business Administration (0 years)