Cybersecurity Project Manager

K&K Global Talent Solutions Inc. is an international recruiting agency that has been providing technical resources in the Canada and the USA region since 1993.

This position is with one of our clients in USA, who is actively hiring candidates to expand their teams.

 

Role:- CMMC Level 2 Project Manager    

Location:- Blue Bell, PA (onsite)

Fulltime

 

Job Description

Must Have Technical/Functional Skills

The CMMC Level 2 Project Manager leads the planning, coordination, and execution of initiatives required to achieve and maintain Cybersecurity Maturity Model Certification (CMMC) Level 2 compliance. This role partners across Information Security, Infrastructure, Application teams, Legal, HR, Procurement, and business stakeholders to deliver a structured compliance program aligned to NIST SP 800-171 requirements, Controlled Unclassified Information (CUI) protection expectations, assessment readiness, and ongoing certification maintenance.

 

Key Responsibilities

·       Lead the end-to-end CMMC Level 2 program, including scope definition, project planning, governance, dependency management, risk tracking, issue resolution, and executive reporting.

·       Coordinate cross-functional implementation of controls aligned to NIST SP 800-171 and CMMC Level 2 requirements for systems that store, process, or transmit CUI.

·       Develop and maintain the integrated project plan, milestone schedule, RAID log, resource plan, and status reporting cadence.

·       Partner with control owners to assess current-state maturity, identify gaps, prioritize remediation activities, and track closure of deficiencies.

·       Drive development and maintenance of required compliance artifacts, including policies, procedures, system security plans, evidence inventories, diagrams, and assessment support documentation.

·       Coordinate readiness activities for internal reviews, mock assessments, self-assessments, or C3PAO-led assessments, including interview preparation and evidence validation.

·       Facilitate scoping decisions, boundary definition, enclave planning, and system inventory alignment to support defensible assessment readiness.

·       Monitor POA&M items, remediation timelines, and control implementation progress to ensure readiness targets are met.

·       Support SPRS-related coordination, affirmation preparation, and documentation needed for ongoing compliance activities, where applicable.

·       Manage vendor, consultant, and assessor engagement activities related to the compliance program.

·       Establish program governance forums and provide concise updates to leadership on schedule, risks, costs, dependencies, and certification readiness.

·       Promote sustainable compliance by embedding repeatable processes, ownership clarity, and continuous monitoring practices after certification.

 

Required Qualifications

·       Bachelor’s degree in Information Technology, Cybersecurity, Business, Project Management, or a related field, or equivalent practical experience.

·       5+ years of project or program management experience leading complex cross-functional initiatives.

·       Direct experience supporting CMMC 2.0, NIST SP 800-171, DFARS cybersecurity requirements, or comparable regulated compliance programs.

·       Strong understanding of CMMC Level 2 expectations, including protection of CUI, assessment readiness, evidence management, and remediation planning.

·       Experience building and managing integrated project plans with multiple workstreams across technical and non-technical teams.

·       Demonstrated ability to manage risks, dependencies, budgets, timelines, and stakeholder communication in a highly regulated environment.

·       Strong written and verbal communication skills, including the ability to translate technical compliance requirements into clear business actions.

·       Proficiency with project management methods, reporting tools, and governance processes.

 

Preferred Qualifications

·       PMP, PRINCE2, Certified ScrumMaster, or similar project management certification.

·       Experience working with defense contractors, government suppliers, or organizations handling CUI.

·       Familiarity with C3PAO assessment preparation, SPRS submissions, and continuous compliance practices.

·       Knowledge of related frameworks such as NIST SP 800-171A, NIST SP 800-53, FedRAMP, ISO 27001, or risk management frameworks.

·       Experience coordinating cybersecurity, infrastructure, identity, endpoint, and policy remediation workstreams.

·       Background in audit readiness, compliance documentation, or regulated control testing.

 

Core Competencies

·       Program leadership and cross-functional coordination

·       Compliance planning and execution discipline

·       Risk and issue management

·       Executive communication and stakeholder management

·       Documentation governance and evidence organization

·       Problem-solving and decision-making

·       Attention to detail and follow-through

·       Change management and organizational alignment

 

Success Measures

·       Program milestones achieved on schedule.

·       Documented reduction of control gaps and timely closure of remediation items.

·       Assessment artifacts are complete, organized, and audit-ready.

·       Stakeholders are aligned on scope, ownership, and compliance priorities.

·       The organization achieves and sustains CMMC Level 2 readiness or certification with minimal disruption to operations.