Senior Consultant - CMMC

Bring your IT career and talents to CDW, where you can have a greater impact, be inspired by our mission and excited about your career and future. A Fortune 200 leader, we’re the driven professionals and technology experts companies turn to most to solve their IT challenges.

Job Summary:

CDW delivers a unified approach to addressing data risk through a unique combination of consulting service offerings.  CDW has brought together industry-leading expertise in cyber security, identity governance, access management, data privacy and analytics, internal audit, and hands-on training services, giving companies all that is needed to plan and develop effective risk and security programs. By integrating these services, we provide our clients with the flexible support they need to protect and leverage data across any part of their organization. Simply put, CDW is the next generation of risk management.

Our Privacy and Compliance team has developed and implemented data privacy and information security programs for some of the nation's largest and most complex organizations. Our clients represent public and private industries, including state and local government agencies, domestic and global technology firms, global retail chains, financial services firms, and healthcare organizations.

The CMMC Senior Consultant is responsible for providing services related to a broad range of privacy and security disciplines, including compliance assessments, program design, and policy development. He/She also provides high-quality content deliverables, ensuring solutions are implemented as designed to the customer’s satisfaction and approval.  Gains a clear understanding of the client's environment, identify client needs and effectively communicate solutions.  The CMMC Senior Consultant should have an expert level of knowledge of data protection technologies, industry-standard practices, and privacy-enhancing technologies.  The CMMC Senior Consultant will focus primarily on the delivery of engagements focused on 32 CFR part 170 (CMMC), NIST SP 800-171, NIST SP 800-171A, and other regulatory frameworks.

What you will do:

• Conducts client project-related cybersecurity and privacy risk assessments and privacy audits.

• Reviews cybersecurity and privacy practices and conducts periodic compliance assessments.

• Provides privacy and data protection training and awareness as requested in client engagements or internal workshops.

• Manage internal and external stakeholder expectations.

• Prepares reports and other deliverables that contain strategy, project or technical analysis, and findings in connection with our consulting engagements and communicates those results to the team and client management.

• Assists clients in creating or updating data maps, inventories, records of processing activities, and system security plans.

• Performs Data Protection Impact Assessments, Privacy Impact Assessments, and Transfer Impact Assessments.

• Operates as a subject matter expert and trusted technical advisor on cybersecurity or privacy risks and audits when interfacing with clients or peers, including internal sales and pre-sales resources.

• Serve as technical point of contact on customer engagements.

• Interacts effectively with co-workers and clients at all levels to foster and maintain strong working relationships.

• Prioritize assigned tasks and workloads as necessary.

• Creates or updates assessment documents when new laws or regulations are promulgated.

• Performs other duties as assigned by management.

• Mentor other consultants to apply consulting, engineering, and legal background knowledge for project design, analysis, and project coordination of services or products.

What we expect of you:  

• Bachelor's degree in business, computer science, a related technical degree, and 5+ years of experience delivering complex technical Cybersecurity and Data Privacy assessments and solutions, including planning, development, implementation, and support or practice of Cyber and Data Privacy Law, OR

• 9 years total Information Technology experience, including 5+ years of experience delivering complex technical Cyber Security and Data Privacy assessments and solutions, including planning, development, implementation, and support or practice of Cyber and Data Privacy Law.

• Experience interpreting international, federal, and state privacy and security regulations from a technical perspective.

• At least 5 years working with cross-functional teams, technical privacy and security controls, and operational risk tolerance.

• Experience performing privacy and/or security gap assessments, data maps and inventories, and Impact Assessments.

• Professional knowledge of the international, federal, and state rules, regulations, and guidance related to security and privacy, including but not limited to HIPAA, GLBA, GDPR, CCPA/CPRA, and CMMC.

• Working knowledge of cybersecurity controls as they relate to international, federal, and state rules, regulations, and guidance related to security and privacy, including but not limited to HIPAA, GLBA, GDPR, and CMMC.

• Ability to qualify or possess an IAPP CIPP; Ability to qualify or possess an ISC2 CISSP Certification.

• Intermediate skills in Microsoft Office Applications.

• Conducts client project-related cybersecurity and privacy risk analyses and audits.

• Reviews privacy and cybersecurity practices and conducts periodic compliance assessments.

• Provides privacy and data protection training and awareness as requested in client engagements or internal workshops.

• PIAs, DPIAs, TIAs, or other assessments. 

• Performs technical and legal research. 

• Assists clients in creating or updating data maps, data inventories, and records of processing activities. 

• Assists in preparing reports and other deliverables that contain strategy, project or technical analysis, and findings in connection with our consulting engagements and communicates those results to the team and client management.

• With the assistance of others, creates or updates assessment documents when new laws or regulations are promulgated.

• Possess a fundamental understanding of privacy engineering principles.

• Proven ability to maintain and create technical documentation for assigned project work

• Demonstrated attention to detail and a penchant for accuracy

• History of balancing competing priorities with the ability to adapt to the changing needs of the business while meeting deadlines.

• Aptitude for learning new technology and legal requirements related to Data Privacy and quickly putting them into practical use.

• Valid U.S. driver’s license

• Ability and willingness to travel as needed to other CDW locations or client sites, not more than 10%.

• Advanced degree in cybersecurity and/or Juris Doctor from an American Bar Association-accredited law school, a plus.

• Obtained or working toward the following certifications, a plus:

  • Certified Information Privacy Technologist (CIPT)

  • Certified Information Privacy Manager (CIPM)

  • Certified Information Security Auditor (CISM)

  • Certified Information Security Manager (CISM)

  • HITRUST Certified CSF Practitioner (CCSFP)

  • Cyber AB Registered Practitioner Advanced (RPA)

  • Cyber AB CMMC Certified Professional (CCP)

Pay range: $89,000 - $148,200 depending on experience and skill set

Annual bonus target of 10% - subject to terms and conditions of plan

Benefits overview: https://cdw.benefit-info.com/

Salary ranges may be subject to geographic differentials

Who we are:
CDW is a leading technology solutions provider to business, government, education and healthcare organizations across the globe. Our fingerprints can be found on technology in workplaces of more than 250,000 companies; from fresh-faced start-ups to international conglomerates. With the breadth of products and services we offer, there is no request too big or too small. 

What you can expect from us: Culture, coworkers, careers. 
CDW is not only the People Who Get IT but the People who get People. Our relationships are fueled by our deep expertise and grounded in the CDW Way. Our empowering leadership makes things happen and inspires their teams to do the same. From the teammates beside us to the leaders who guide us, we move forward together. At CDW, you’ll work with people who inspire you. People with positive, success-driven attitudes who you will learn from and forge strong relationships with. Bring your best true self—and your best ideas—to CDW. Because diverse perspectives bring forth better problem solving—and better solutions for our customers on a rapidly evolving technology landscape.
 

Equal Opportunity Employer, including disability and protected veteran status

Benefits overview: https://cdw.benefit-info.com/