About the Job

Senior CMMC SME Engineer

Work Type: Remote-first with occasional onsite customer engagements

Location: Washington, DC

Clearance: Clearable

Company Description

Big ImpactTech (BIT) is a small business that provides IT and business management consulting services to federal and commercial clients.

The company delivers solutions across data, cloud, cybersecurity, and program management.

Position Overview

CyberVault Solutions is seeking a Senior CMMC SME Engineer to lead cybersecurity engineering, GCC High implementation, compliance modernization, Zero Trust transformation, and assessment readiness initiatives.

This is an engineering-first cybersecurity leadership role focused on designing, implementing, operationalizing, and defending secure environments rather than solely managing compliance documentation.

The position begins on a part-time, engagement-based basis with potential for long-term leadership growth.

Responsibilities

Engineer, configure, and support Microsoft GCC High environments

Lead CMMC Level 1 and Level 2 readiness initiatives

Design and implement Zero Trust security architectures

Perform readiness assessments, gap analyses, and remediation planning

Develop and maintain System Security Plans (SSPs)

Manage POA&Ms, evidence repositories, governance artifacts, and compliance documentation

Support implementation and operationalization of all NIST SP 800-171 controls

Configure and optimize Microsoft security and cloud technologies

Implement identity, endpoint, data protection, and conditional access controls

Operationalize RMF governance and continuous monitoring processes

Support assessment preparation, walkthroughs, and mock assessments

Produce technical documentation, governance procedures, operational runbooks, and customer-facing deliverables

Lead customer engagements and cybersecurity modernization initiatives

Conduct architecture reviews, troubleshooting, and strategic recommendations

Collaborate with leadership teams, engineers, assessors, and client stakeholders

Support cybersecurity roadmaps, governance maturity, and operational sustainability initiatives

Assist with proposal development, technical scoping, and pre-sales activities when needed

Own technical engagements independently while maintaining strong customer communication.

Required Qualifications

10+ years of experience in cybersecurity engineering, cloud security, compliance engineering, security architecture, or modernization

10+ years of Microsoft cloud engineering, Microsoft 365 security, Azure, GCC, or GCC High experience

Deep expertise in:

GCC High engineering

Microsoft 365 security

CMMC readiness

NIST SP 800-171

RMF operationalization

Zero Trust architecture

SSP and POA&M development

Governance and evidence management

Hands-on experience with:

Microsoft Defender Suite

Microsoft Defender XDR

Microsoft Purview

Intune

Entra ID / Azure AD

Conditional Access

Endpoint security and device compliance

Microsoft Sentinel

SIEM/SOAR environments

Secure enclave architecture

Experience with major GRC platforms

Experience supporting regulated, defense-aligned, or federal environments

Strong customer-facing communication and leadership skills

Ability to independently lead technical engagements and workshops

Ability to produce executive-quality technical and compliance documentation.

Preferred Certifications

Certified CMMC Professional (CCP)

Certified CMMC Assessor (CCA)

CISSP

CCSP

CASP+

CISM

Azure Security Engineer Associate

Microsoft Cybersecurity Architect

PMP

Security+ or equivalent certifications

Active or previous U.S. Government security clearance preferred.

Desired Leadership Attributes

Trusted advisor mindset

Strong ownership and accountability

Strategic thinking with execution focus

Independent problem-solving capabilities

Strong communication and documentation skills

Adaptability in fast-paced consulting environments

Commitment to operational excellence and long-term cybersecurity maturity

Ability to independently drive initiatives and maintain momentum across customer engagements.

Work Structure

Part-time

Engagement-based

Remote-first with occasional onsite customer engagements, workshops, assessments, and planning sessions

Hours determined by active customer delivery requirements

Flexible structure aligned to customer needs

‍

‍