Director of CMMC Services

Executech

  • Flagstaff, AZ
  • Permanent
  • Full-time
Position Overview
The Director of CMMC Services serves as the inaugural leadership position responsible for developing and managing a CMMC-focused Managed Services Offering. This role integrates virtual Chief Information Security Officer (vCISO) duties—encompassing cybersecurity strategy and client compliance guidance—with Director of Operations responsibilities, including processes, personnel, tools, and organizational structure. The incumbent will design and establish the business from its foundational stages.
The Director of CMMC Services will collaborate on the design, implementation, and oversight of all operational and compliance frameworks, working in close partnership with a CMMC consultant. This includes defining roles, responsibilities, and workflows for the Service Desk, Partner Success, Technical Alignment, Design Desk, and Project Services teams, ensuring alignment with the TruMethods framework.
Key Responsibilities
CMMC Program Leadership
  • Define and lead the CMMC service delivery framework, including assessment, remediation, and monitoring processes.
  • Collaborate with the CMMC consultant to act as vCISO for clients, delivering compliance roadmaps, policies, and risk management strategies.
  • Partner with the CMMC consultant to develop processes for evidence collection, System Security Plan (SSP) and Plan of Actions and Milestones (POAM) creation, and ongoing compliance maintenance.
  • Ensure all client engagements comply with NIST SP 800-171 and CMMC certification requirements.
Operations and Business Development
  • Develop and document Standard Operating Procedures (SOPs) for all departments, including Service Desk, Partner Success Manager (PSM), Technical Alignment Manager (TAM), Design Desk, and Project Services (PS), with validation from the CMMC consultant.
  • Contribute to the selection, implementation, and optimization of the Managed Service Provider (MSP) tool stack, such as Professional Services Automation (PSA), Remote Monitoring and Management (RMM), compliance tools, and documentation systems.
  • Assist in defining service tiers, packaging, and pricing for CMMC-aligned MSP offerings.
  • Collaborate with the CMMC consultant to establish a governance structure, including weekly operations reviews, monthly compliance reviews, and client Quarterly Business Reviews (QBRs).
Leadership and Management
  • Assemble the initial team and oversee:
      • Service Desk Manager (SDM), who manages Service Desk Engineers (SD1–3).
      • Partner Success Manager (PSM), responsible for client relationships and vCIO functions.
      • Technical Alignment Manager (TAM), focused on standards, best practices, and compliance alignment.
      • Design Desk, which translates TAM and PSM findings into standardized solutions, scopes, and Statements of Work (SOWs) for delivery by Project Services.
      • Project Services (PS), responsible for executing projects and compliance initiatives.
  • Mentor, train, and develop the team in CMMC methodologies and MSP best practices.
  • Partner with the Chief Security Officer (CSO) to advance business strategy, proposals, and client acquisition.
Qualifications
  • Extensive experience in cybersecurity, compliance, and operational leadership, with a preference for MSP or Managed Security Service Provider (MSSP) environments.
  • In-depth knowledge of CMMC, NIST SP 800-171, and Defense Federal Acquisition Regulation Supplement (DFARS).
  • Demonstrated success in building or scaling service delivery teams.
  • Preferred certifications: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), CMMC-AB Registered Practitioner (RP) or Certified CMMC Professional (CCP), Project Management Professional (PMP), and IT Infrastructure Library (ITIL).
  • Entrepreneurial mindset with the ability to establish structure in a nascent business.