Job Title: CMMC Compliance Manager for EMCOR Construction Services
Department: Information Technology
Location: McLean, VA
Reports to: ECS Vice President, Information Technology
FLSA Status: Full-Time / Exempt
Company Overview
EMCOR Construction Services (ECS) is part of EMCOR Group, Inc. (NYSE: EME), a Fortune 500® leader in mechanical and electrical construction, industrial and energy infrastructure, and building services for a diverse range of businesses. ECS is a nationwide group of 50+ operating companies with over 30,000 employees and annual revenues of $10.7 billion. Our operating companies are mechanical and commercial electrical contractors with expertise that includes virtually all U.S. commercial, healthcare, institutional, education, hospitality, manufacturing, transportation, and water and wastewater markets. We also have several operating companies that focus on commercial fire protection. They provide integrated life safety solutions, including fire detection and suppression systems, and the most advanced security technology available today. The ECS headquarters team provides key support for its electrical and mechanical companies, including finance and accounting, human resources, legal, national purchasing and information technology.
SUMMARY
The CMMC Compliance Manager is responsible for Managing the CMMC program within ECS and its Operating Companies. This position will work with Corporate Security and Compliance teams to understand requirements and changes in the CMMC compliance program and work with the ECS operating companies to ensure all contractual obligations are being met. This position is based in McLean, Virginia. However, candidates in other locations and meeting the requirements below may be considered.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Include the following. Other duties may be assigned.
Deliver excellent support to ECS Operating Companies through exceptional customer service Expert-level knowledge of the CMMC framework and changing DFARS rules, including practice requirements and assessment methodologies Manage and coordinate activities associated with CMMC security testing/self-assessments Perform CMMC self-assessments using NIST SP 800-171 to help Operating Companies achieve and maintain CMMC compliance Develop and maintain security documentation that satisfies the CMMC compliance framework requirements; security documentation includes but is not limited to: System Security Plan (SSP), Plan of Action & Milestones (POA&M), Configuration Management Plan, Incident Response Plan, Business Continuity and IT Disaster Recovery Plan, Risk Mitigation Plan, and general policy and procedures, as needed Guide Operating Companies in creating documentation as specified above that satisfies the CMMC compliance framework requirements Track, manage, follow-up, and report on existing CMMC Compliance issues Coordinate activities between Operating Companies and Corporate as related to third-party audit activities, self-assessments, and audit cycles Assist in the administration of IT compliance policies, systems, and processes, and make recommendations of tools to support policies and procedures Participate in security exercises, risk assessments, and table-top exercises Provide oversight of CMMC program at ECS Operating Companies Extensive travel may be required periodically due to audit and self-assessment cyclesESSENTIAL CHARACTERISTICS AND SKILLS
The successful candidate for this role is an individual who demonstrates a high level of service, commitment and execution. The following are required characteristics, knowledge, skills and abilities:
Outstanding customer service Excellent organizational skills and self-directed, yet able to follow direction if needed Strong project management skills, able to manage multiple projects and deadlines simultaneously Able to establish priorities, work independently and accomplish objectives with minimal supervision Exceptional communication skills, written and oral; capable of leading meetings in a professional manner Able to work with executive teams as well as technical teams Proactive change agent skills with competent follow through Excellent Microsoft Office skillsPOSITION REQUIREMENTS/PREFERRED EXPERIENCE
Five (5) years of progressive IT experience Minimum three (3) years' experience with security controls and frameworks i.e. NIST CSF, NIST 800-53, NIST 800-171 Experience in Supplier Performance Risk System (SPRS) At least three (3) years of experience participating in review, management and reporting on complex IT projects CISSP or GCCC certification is preferable Ability to work effectively independently and in teams Ability to communicate effectively at all levels Associate's degree or equivalent experience, Bachelors preferred Ability to travel as business need arisesLANGUAGE SKILLS
Must have the demonstrated ability to effectively communicate in English, cooperate, and collaborate with multiple levels of customer, employees, unions, government agencies, vendors and suppliers, and other contractor organizations.
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to talk and hear; and requires working at a computer (reading and keying) or extended periods of time.
This role requires communicating verbally and in writing one on one, in small groups, as well as presenting to larger groups of employees.
WORK ENVIRONMENT
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The employee may expect to work in typical office environment.
As a leading provider of mechanical and electrical construction, facilities services, and energy infrastructure, we offer employees a competitive salary and benefits package and we are always looking for individuals with the talent and skills required to contribute to our continued growth and success. Equal Opportunity Employer/Veterans/Disabled.
#ECS
#LI-CS1