Oversee implementation and ongoing adherence to NIST SP 800-171 controls related to the protection of Controlled Unclassified Information (CUI).
Collaborate with IT Networking teams and Managed Services Partner (MSP) to assess cybersecurity posture and implement required safeguards.
Maintain documentation including SSP (System Security Plan), POA&M (Plan of Action & Milestones), incident response procedures, and audit records.
Lead preparation for Dept of War or customer compliance assessments, including CMMC readiness and assessments.
Train personnel on security practices, data-handling requirements, and quality-related compliance procedures.
Maintain knowledge of most current updates in NIST and CMMC requirements and develops plans for updating NS policies, procedures and artifacts accordingly.
Develop, document, implement, and maintain the company’s Quality Management System (QMS).
Create, refine, and enforce quality and compliance policies, standard operating procedures, and documentation controls.
Lead internal and external quality audits; coordinate corrective and preventive actions (CAPA).
Track and analyze compliance and quality metrics; drive data-based improvements across the organization.
Oversee supplier compliance, quality, incoming inspections, non-conformance management, and root-cause analysis.
Work closely with networking/IT teams to ensure that systems impacting quality or compliance are properly configured, monitored, and secured.
Understand network diagrams, data flows, and system interactions relevant to quality systems and CUI management.
Evaluate and validate technical controls such as access management, system hardening, logging, and encryption to ensure alignment with NIST requirements.
Support validation of connected systems used in development, testing, or data collection.
Lead cross-functional problem-solving initiatives and process improvements.
Compliance planning for implementation of new technologies including AI tools.
Mentor and guide team members on quality principles, documentation, and compliance requirements.
Serve as the primary quality and compliance liaison to customers, suppliers, and regulatory bodies.
Facilitate communication between engineering, operations, IT teams, and executive leadership.
Support medical, aviation, automotive or other compliance standards as required by non-DoW clients.

Requirements

Bachelor’s degree in Engineering, Quality, Information Technology, Cybersecurity, or a related field.
Minimum 7 years of experience in compliance/quality management or quality engineering.
Direct experience implementing or maintaining NIST SP 800-171 and CMMC policies and procedures.
Preferred experience with ISO-9001, AS9100, and ISO-13485 quality systems, but not required.
Demonstrated success leading audits, investigations, and process-improvement projects.
Due to compliance with U.S. export control laws and regulations, candidate must be a U.S. Person, which is defined as, a U.S. citizen, a U.S. permanent resident, or have protected status in the U.S. under asylum or refugee status.
Working knowledge of networking concepts (e.g., firewalls, VLANs, access control, encryption, endpoint security).
Excellent documentation, communication, and leadership skills.
Demonstrated experience in influential leadership across multiple teams.
Ability to teach audit participation techniques.
Knowledge of DoW contracting requirements and cybersecurity regulations.
Experience with compliance and quality management tools (e.g., Drata, control plans).

Benefits

Flexible, comprehensive benefit package
Fun, team-based culture
Opportunity to learn and grow
And dog-friendly environment

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

NIST SP 800-171CMMCISO-9001AS9100ISO-13485quality managementcompliance managementincident responsedata analysisaccess management

Soft Skills

leadershipcommunicationdocumentationmentoringproblem-solvingcollaborationtraininginfluential leadershipprocess improvementfacilitation