Job Description
We are seeking a senior cybersecurity compliance lead to support a university’s effort to achieve CMMC (Cybersecurity Maturity Model Certification) readiness and certification across complex research environments.
This individual will serve as the central owner of CMMC compliance execution, partnering across IT Security, Research IT, Export Compliance, and faculty stakeholders to align security requirements with how research is actually conducted.
The role is a blend of security architecture, compliance leadership, and program execution. This person will assess existing research environments, guide remediation efforts, and design scalable frameworks that enable multiple independent labs to operate within compliant, secure enclaves handling sensitive data (e.g., CUI, ITAR).
In addition to driving audit readiness, this individual will support the full research data lifecycle, working with researchers during proposal planning to define security requirements and ensuring secure handling of data through project execution and disposal.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
~10+ years of experience in cybersecurity, information security, or compliance-driven environments
Hands-on experience implementing CMMC / NIST SP 800-171 controls and preparing environments for CMMC Level 2 audits
Experience working in regulated environments (e.g., DoD, federal, ITAR, CUI systems)
Proven ability to:
- Conduct detailed gap assessments against CMMC / NIST 800-171
- Drive audit readiness efforts, including preparation for C3PAO assessments
- Develop and maintain compliance documentation (e.g., - System Security Plans (SSPs), POA&Ms, audit artifacts)
- Translate compliance requirements into actionable implementation plans for technical teams
Strong understanding of:
- System boundaries and enclave design for CUI environments
- End-to-end data flow mapping and security control alignment
- CUI scoping and asset categorization
Experience working across complex, distributed environments (e.g., multiple enclaves, hybrid on-prem/cloud systems)
Ability to operate as a lead-level resource, collaborating across technical teams and non-technical stakeholders (e.g., faculty, researchers, export control) to drive execution and translate complex security requirements into practical workflows
Nice to Have Skills & Experience
Experience working in:
- Research environments (universities, labs, or R&D orgs)
- Higher education security models
Prior exposure to:
- Multi-enclave or distributed IT environments (non-standard infrastructure, lab systems, shared research equipment)
- Experience supporting CMMC Level 2 certification or external audits (C3PAO)
Familiarity with:
- Export control / research compliance requirements
- Grant-funded or federally sponsored programs
Certifications such as:
- CISSP, CISM, Security+, CMMC-related credentials
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.