CMMC Program Manager

NeoSystems and Careers
Reston, VA Full Time
POSTED ON 3/22/2026
AVAILABLE BEFORE 5/21/2026

The CMMC Program Manager is responsible for leading clients through NeoSystems' Security Program Management solution and driving the overall maturity of our security program. This role oversees the development, implementation, and continuous improvement of cybersecurity compliance activities, ensuring alignment with regulatory requirements and industry best practices. The ideal candidate brings strong program management capabilities paired with hands‑on expertise in security controls, risk management, and governance frameworks. This leader partners closely with IT, engineering, legal, procurement, and executive stakeholders to maintain a robust, audit‑ready security posture that supports organizational objectives.

Role and Responsibilities:
CMMC Program Leadership
  • Lead the client's CMMC readiness, certification, and sustainment efforts across all required domains.
  • Conduct gap assessments against CMMC practices and processes; develop and manage remediation roadmaps.
  • Oversee creation and maintenance of required documentation, policies, SSPs, POA&Ms, and evidence repositories.
  • Coordinate with external assessors, RPOs, and C3PAOs during audits and assessments.
  • Ensure continuous compliance and maturity progression as CMMC requirements evolve.
Security Program Management
  • Develop, implement, and maintain the enterprise security program aligned with NIST 800‑171, NIST CSF, ISO 27001, and other relevant frameworks.
  • Manage cross‑functional security initiatives, including risk assessments, vulnerability management, incident response planning, and third‑party risk.
  • Establish KPIs, metrics, and reporting mechanisms to track program performance and communicate status to leadership.
  • Drive policy development, lifecycle management, and organizational adoption of security standards.
  • Partner with IT and engineering teams to ensure security controls are implemented effectively and sustainably.
Governance, Risk & Compliance
  • Lead internal audits, control testing, and continuous monitoring activities.
  • Maintain a strong understanding of federal contracting requirements, DFARS 252.204‑7012, and related compliance obligations.
  • Support contract reviews, security clauses, and customer assurance activities.
  • Identify risks, propose mitigation strategies, and ensure timely remediation.
Stakeholder Engagement & Leadership
  • Serve as a trusted advisor to senior leadership on cybersecurity maturity and compliance posture.
  • Provide guidance and training to internal teams on CMMC practices and security best practices.
  • Foster a culture of security awareness and accountability across the organization.
  • Manage vendor relationships related to cybersecurity tools, assessments, and advisory services.
  • Responsible for initial delivery of CMMC Program with program & deliverable oversight for CMMC clients.
  • Lead the implementation of documented strategies to achieve and maintain compliance with CMMC requirements across designated products.
  • Collaborate with other relevant departments to ensure a comprehensive approach to CMMC compliance.
  • Participate in client information security risk and compliance assessments and audits.
  • Lead client gap analysis and remediation plans.
  • Lead Incident Response Tabletop exercises and supporting efforts.
  • Deliver external processes to support the overall maturity of the Federal practice within client organizations.
Qualifications:
  • Bachelor’s degree in information systems or related field
  • 5-10 years of experience in consulting, compliance, and cybersecurity, or security program experience.
  • CISSP or equivalent certification required, or equivalent work experience.
  • Strong understanding of security governance, risk management, and control frameworks.
  • Strong understanding of CMMC framework and its requirements.
  • Excellent communication and people skills to effectively interact with various stakeholders.
  • Ability to lead and influence cross-functional teams towards a common goal.
  • Detail-oriented with strong analytical and problem-solving skills.
  • Ability to manage complex, cross-functional programs to drive results.
  • CMMC-RPA certification required within first 90 days of employment.
Additional Notes
  • Ability to travel
  • Location: Remote but must be within the continental United States

Where required by law, this posting includes a good‑faith pay range for candidates who will perform the role in specific jurisdictions. For other locations, the actual compensation may differ. Final compensation will be determined based on qualifications, experience, skills, work location, internal equity, and current market data. This job posting is not a contract or promise of employment or any particular compensation, and any employment offer will be set out in a written offer letter.


EOE M/F/D/V

Salary: $132,000 - $162,000
