AeroVironment

CMMC Compliance Lead

full-time

Location Type: Remote

Location: Alabama, California, United States

About the role

  • Serve as AV’s subject matter expert on CMMC 2.0 requirements, assessment objectives, scoping rules, and evidence expectations.
  • Lead detailed gap analyses across technical, administrative, and physical controls to identify deficiencies and required remediation.
  • Translate CMMC practices into clear, actionable technical requirements for IT, Engineering, Security, Facilities, HR, and other impacted teams.
  • Guide and validate the implementation of required controls, ensuring alignment with CMMC and NIST SP 800‑171 assessment criteria.
  • Support CUI scoping activities including asset inventory validation, boundary definition, and data flow mapping.
  • Support the development, implementation, and maintenance of cybersecurity compliance programs aligned with CMMC, SOX, UKCE, ITAR, EAR, and other regulatory requirements.
  • Maintain compliance with external regulations and internal policies, ensuring consistent application across all in‑scope systems and processes.
  • Develop and implement compliance policies, procedures, and standards for cybersecurity, and assist other functional organizations in developing their own.
  • Coordinate with IT Infrastructure, Enterprise Systems, Legal, Risk Management, and other departments to ensure compliance requirements are understood and executed.
  • Lead the creation, refinement, and maintenance of compliance documentation including SSPs, POA&Ms, ConMon materials, policies, procedures, and evidence artifacts.
  • Establish structured evidence collection and artifact management processes to ensure audit readiness.
  • Perform internal readiness assessments, mock audits, and control testing to prepare AV for C3PAO evaluation.
  • Oversee compliance audits and assessments, ensuring timely remediation and accurate reporting.
  • Collaborate with external advisors, consultants, and assessors to support readiness and certification activities.
  • Conduct risk assessments and provide recommendations to mitigate cybersecurity and compliance risks.
  • Assess and report progress toward compliance objectives, including readiness status and control maturity.
  • Advise leadership on compliance risks, technical challenges, and factors that may impact certification timelines or sustainment.
  • Generate reports for senior cybersecurity leadership and contribute to executive‑level updates.
  • Provide guidance and training to employees on cybersecurity compliance matters, including role‑based CMMC responsibilities.
  • Develop awareness materials and communication strategies to support compliance adoption across the organization.
  • Represent the cybersecurity function in meetings, planning sessions, and cross‑functional initiatives.

Requirements

  • Bachelor’s degree in Information Systems, Cybersecurity, Engineering, or related field (or equivalent experience).
  • Extensive hands-on experience with CMMC 2.0, NIST SP 800‑171, and DoD cybersecurity requirements.
  • Demonstrated expertise conducting CMMC gap analyses, readiness assessments, and control evaluations.
  • Strong technical understanding of security controls across access control, configuration management, incident response, logging/monitoring, vulnerability management, and secure system design.
  • Experience implementing and validating technical, administrative, and physical controls required for CMMC compliance.
  • Deep familiarity with CUI handling requirements, enclave design, and scoping methodologies.
  • Experience supporting or preparing for third‑party assessments or regulatory audits.
  • Strong communication and interpersonal skills with the ability to guide and influence technical and non‑technical teams.
  • Proficiency with compliance tracking tools, GRC platforms, or evidence management systems.
  • Ability to work independently and as part of a team; may manage small teams or project groups.
  • U.S. Citizen, U.S. Permanent Resident (Green Card holder) or asylee/refugee status as defined by 8 U.S.C. 1324b(a)(3) required.

Benefits

  • AV offers an excellent benefits package including medical, dental, vision, 401K with company matching, a 9/80 work schedule, and a paid holiday shutdown.