Haystack
← Back to Jobs
Remote
Operations & Project Management

CMMC Level 2 Project Manager | 100% Remote | Full time

Pioneer Corporate Services IncUnited States🇺🇸United StatesPosted 7 Jul 2026

Quick Overview

Work Type
Remote
Level
Mid Senior

Job Description

Job ID - 417823
Job Title - CMMC Level 2 Project Manager
Skill - Project Management
Minimum Experience - 10 - 15 Years
Qualification - BACHELOR OF COMPUTER SCIENCE
Location - Blue Bell, PA

Must Have Technical/Functional Skills
The CMMC Level 2 Project Manager leads the planning, coordination, and execution of initiatives required to achieve and maintain Cybersecurity Maturity Model Certification (CMMC) Level 2 compliance. This role partners across Information Security, Infrastructure, Application teams, Legal, HR, Procurement, and business stakeholders to deliver a structured compliance program aligned to NIST SP 800-171 requirements, Controlled Unclassified Information (CUI) protection expectations, assessment readiness, and ongoing certification maintenance.

Key Responsibilities
·       Lead the end-to-end CMMC Level 2 program, including scope definition, project planning, governance, dependency management, risk tracking, issue resolution, and executive reporting.
·       Coordinate cross-functional implementation of controls aligned to NIST SP 800-171 and CMMC Level 2 requirements for systems that store, process, or transmit CUI.
·       Develop and maintain the integrated project plan, milestone schedule, RAID log, resource plan, and status reporting cadence.
·       Partner with control owners to assess current-state maturity, identify gaps, prioritize remediation activities, and track closure of deficiencies.
·       Drive development and maintenance of required compliance artifacts, including policies, procedures, system security plans, evidence inventories, diagrams, and assessment support documentation.
·       Coordinate readiness activities for internal reviews, mock assessments, self-assessments, or C3PAO-led assessments, including interview preparation and evidence validation.
·       Facilitate scoping decisions, boundary definition, enclave planning, and system inventory alignment to support defensible assessment readiness.
·       Monitor POA&M items, remediation timelines, and control implementation progress to ensure readiness targets are met.
·       Support SPRS-related coordination, affirmation preparation, and documentation needed for ongoing compliance activities, where applicable.
·       Manage vendor, consultant, and assessor engagement activities related to the compliance program.
·       Establish program governance forums and provide concise updates to leadership on schedule, risks, costs, dependencies, and certification readiness.
·       Promote sustainable compliance by embedding repeatable processes, ownership clarity, and continuous monitoring practices after certification.

Required Qualifications
·       Bachelor’s degree in Information Technology, Cybersecurity, Business, Project Management, or a related field, or equivalent practical experience.
·       5+ years of project or program management experience leading complex cross-functional initiatives.
·       Direct experience supporting CMMC 2.0, NIST SP 800-171, DFARS cybersecurity requirements, or comparable regulated compliance programs.
·       Strong understanding of CMMC Level 2 expectations, including protection of CUI, assessment readiness, evidence management, and remediation planning.
·       Experience building and managing integrated project plans with multiple workstreams across technical and non-technical teams.
·       Demonstrated ability to manage risks, dependencies, budgets, timelines, and stakeholder communication in a highly regulated environment.
·       Strong written and verbal communication skills, including the ability to translate technical compliance requirements into clear business actions.
·       Proficiency with project management methods, reporting tools, and governance processes.

Preferred Qualifications
·       PMP, PRINCE2, Certified ScrumMaster, or similar project management certification.
·       Experience working with defense contractors, government suppliers, or organizations handling CUI.
·       Familiarity with C3PAO assessment preparation, SPRS submissions, and continuous compliance practices.
·       Knowledge of related frameworks such as NIST SP 800-171A, NIST SP 800-53, FedRAMP, ISO 27001, or risk management frameworks.
·       Experience coordinating cybersecurity, infrastructure, identity, endpoint, and policy remediation workstreams.
·       Background in audit readiness, compliance documentation, or regulated control testing.

Core Competencies
·       Program leadership and cross-functional coordination
·       Compliance planning and execution discipline
·       Risk and issue management
·       Executive communication and stakeholder management
·       Documentation governance and evidence organization
·       Problem-solving and decision-making
·       Attention to detail and follow-through
·       Change management and organizational alignment

Success Measures
·       Program milestones achieved on schedule.
·       Documented reduction of control gaps and timely closure of remediation items.
·       Assessment artifacts are complete, organized, and audit-ready.
·       Stakeholders are aligned on scope, ownership, and compliance priorities.
·       The organization achieves and sustains CMMC Level 2 readiness or certification with minimal disruption to operations.

Skills

PMP
Prince2
Procurement
Stakeholder Management

Similar jobs