Information Security Compliance Manager

Re:Build Manufacturing is a growing family of industrial and engineering businesses combining enabling technologies, operational superiority, and strategic M&A to build America’s next generation industrial company. At Re:Build we deploy deep expertise in engineering, operations management, and technology to supercharge the performance of our member companies. We leverage deep professional expertise and a candid, principled operating culture to drive differentiated outcomes. Ours is a fast-paced environment where individuals can stretch and be challenged to pursue their fullest potential.

Re:Build was founded to pioneer a profitable model for the revitalization of US manufacturing. We’ve assembled a powerful set of complimentary capabilities and lines of business that enable us to pursue a wide range of end markets. Our acquired businesses are grounded in build-to-print and by-the-hour engineering and design services, and we’re leveraging their combined expertise to migrate to increasingly sophisticated program development and production, as well as the generation of our own products. Our unique set of capabilities lend themselves to highly complex systems and products, and we offer customers a range of services including product and systems design, automation, fabrication, assembly, and large volume contract manufacturing. Our customers span a wide array of industries including aerospace, defense, mobility, healthcare, pharma, biotech, clean tech, chemicals, energy, lifestyle, food production, and industrial equipment.

This role serves as the primary technical authority on the Cybersecurity Maturity Model Certification (CMMC) framework, leading Re:Build’s cross-functional compliance efforts, including maintenance of our existing Level 2 certification and expansion to include new business units, including CUI scoping, internal gap and mock assessments, control implementation, training, documentation, and certification assessment. This role is instrumental to Re:Build’s critical initiative to sustain and expand CMMC certification, ensuring that all NIST SP 800-171 technical, administrative, and physical controls are properly implemented, validated, and documented across the enterprise, ensure program alignment with EAR, ITAR, and other customer requirements, and support expansion to include NIST SP 800-171r3 and 800-172

What you get to do!

• Lead detailed gap analyses across technical, administrative, and physical controls to identify deficiencies and required remediation at both certified entities and entities pursuing CMMC certification.
• Translate CMMC practices into clear, actionable technical requirements for IT, Engineering, Manufacturing, Security, HR, and other impacted teams.
• Guide and validate the implementation of required controls, ensuring alignment with CMMC and NIST SP 800-171 assessment criteria.
• Support CUI scoping activities including asset inventory validation, boundary definition, and data flow mapping.
• Develop and implement compliance policies, procedures, and standards for cybersecurity, and assist other functions and business units in developing their own.
• Coordinate with IT, Legal, HR, and business units to ensure compliance requirements are understood and completed.
• Lead the creation, refinement, and maintenance of compliance documentation including SSPs, POA&Ms, ConMon materials, policies, procedures, and evidence artifacts.
• Establish and implement structured evidence collection and artifact management processes to ensure audit readiness.
• Perform internal readiness assessments, mock audits, and control testing to maintain confidence in Re:Build’s compliance posture and prepare for C3PAO assessment.
• Collaborate with assessors to support readiness and certification activities.
• Conduct risk assessments and provide recommendations to mitigate cybersecurity and compliance risks.
• Assess and report progress toward compliance objectives, including readiness status and control maturity.
• Advise leadership on compliance risks, technical challenges, and factors that may impact certification timelines or sustainment.
• Generate reports for cybersecurity leadership and contribute to executive level updates.
• Provide formal and ad-hoc guidance and training to employees on cybersecurity compliance matters, including CMMC-specific responsibilities.
• Represent the security function in meetings, planning sessions, and cross-functional initiatives, including travel to sites as needed.

What you bring to the Team

• A bachelor's degree in information technology, cybersecurity, related field, or equivalent experience.
• Current cybersecurity certification (one or more of: CISSP, CISM, CISA, CCP, or CCA).
• Extensive hands on experience interpreting, implementing, and assessing CMMC, NIST SP 800-171, DoD, and ITAR cybersecurity requirements.
• Formal CCA or CCP training (if not certification) preferred.
• Strong analytical skills, attention to detail, and ability to provide clarity in complex, unprecedented or ambiguous environments.
• Strong organizational, communication and interpersonal skills with the ability to guide and influence technical and non-technical teams.
• Proficiency with compliance tracking tools, GRC platforms, and project management tools.
• Willingness to travel domestically up to 10-20%, depending on business needs.
• To conform to U.S. Government technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C 1324b(a)(3), or eligible to obtain the required authorizations from the U.S.

The BIG payoff

We are a company who is going to make a difference in the industries and the communities in which we choose to operate.

Every employee of Re:Build will share ownership in the company and will share in the financial rewards of the success we achieve together, at all levels of the company!

We want to work with people that reflect the communities in which we operate

Re:Build Manufacturing is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, marital status, parental status, cultural background, organizational level, work styles, tenure and life experiences. Or for any other reason.

Re:Build is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at accommodations.ta@ReBuildmanufacturing.com or you may call us at 617.909.6275.