New offer - be the first one to apply!

July 10, 2026

Implementation Specialist, CMMC

Mid • Hybrid

New York, NY

About the Implementation Team

The Implementation team sits within Secureframe's customer organization and works closely with Sales, Customer Success, Product, Engineering, Security, Support, and partner ecosystems. This team is responsible for helping customers move from signed contract to operational readiness through scoped environments, configured workflows, evidence collection, remediation tracking, and readiness for CMMC assessment.

This is an early-stage role focused on defining scalable CMMC implementation processes. The role includes creating playbooks, improving customer handoffs, identifying repeatable delivery patterns, and helping scale implementation operations.

About the Role

As an Implementation Specialist focused on CMMC, you will lead hands-on implementation projects for customers pursuing CMMC and advanced defense readiness requirements. You will act as the primary customer-facing owner for implementation execution while coordinating across internal teams, partners, and customer stakeholders.

This role requires project leadership, technical fluency, and customer-facing communication skills. Customers often require support with scope definition, CUI and FCI handling, SSP and POA&M workflows, asset categorization, evidence expectations, secure environment decisions, partner responsibilities, and C3PAO readiness.

What You'll Do

  • Lead end-to-end CMMC implementations for customers from kickoff through readiness milestones
  • Translate customer requirements into implementation plans with scope, timelines, milestones, dependencies, and success criteria
  • Help customers operationalize CMMC requirements including Level 1 FCI, Level 2 CUI handling, NIST SP 800-171 controls, SSP and POA&M workflows, evidence collection, asset inventory, and audit readiness
  • Identify where CUI exists across email, file sharing, cloud applications, endpoints, engineering systems, facilities, and third-party providers
  • Coordinate Secureframe platform configuration, control mapping, evidence automation, policy management, remediation tracking, and readiness reporting
  • Support secure-environment planning including identity, endpoint management, logging, network segmentation, GCC High or Azure Government considerations, Google Workspace hardening, virtual desktops, and physical controls
  • Collaborate with Sales and Customer Success on implementation scoping and customer expectations
  • Work with CMMC partners, MSPs, consultants, auditors, and C3PAOs
  • Deliver customer training and working sessions focused on evidence collection, remediation, and readiness workflows
  • Build implementation assets including project plans, RACI models, discovery questionnaires, evidence checklists, status reports, and handoff runbooks
  • Share implementation insights with Product, Engineering, Sales, Customer Success, and leadership
  • Use AI and automation tools to improve implementation efficiency and workflows

What Success Looks Like

  • Customers understand implementation ownership, workstreams, and readiness milestones
  • Implementations progress through scoped assets, assigned controls, remediation plans, reporting, and operational handoff
  • Development of repeatable CMMC implementation processes for organizations of varying sizes
  • Improved implementation scoping and customer expectation setting
  • Product and Engineering teams receive actionable customer feedback

About You

  • 2-5 years of experience in implementation, professional services, customer success, project management, technical consulting, GRC, security compliance, or similar customer-facing delivery roles
  • Ability to build processes and scalable implementation structures
  • Comfortable working in ambiguous and early-stage environments
  • Strong project management and cross-functional coordination skills
  • Technical fluency with identity, endpoints, cloud environments, logging, access control, asset inventory, and secure collaboration
  • Understanding of or willingness to learn CMMC, NIST SP 800-171, CUI, FCI, SSPs, POA&Ms, evidence management, audit readiness, and defense-sector compliance
  • Ability to communicate technical and compliance concepts clearly to customers
  • Strong written and verbal communication skills
  • Experience using modern tools including AI for workflow improvement

Nice to Have

  • Experience with CMMC, NIST SP 800-171, DFARS 252.204-7012, FedRAMP, ITAR, GCC High, Azure Government, AWS GovCloud, or defense-sector customers
  • Experience with GRC platforms, compliance automation tools, ticketing systems, identity providers, MDM, EDR, SIEM, cloud collaboration suites, or secure enclave environments
  • Experience in professional services, managed services, security consulting, audit readiness, or partner-assisted delivery
  • Certifications such as PMP, CSM, Security+, CISA, CISM, CRISC, CCSK, or equivalent experience
  • Experience building implementation playbooks, onboarding programs, or delivery operations

Why This Role Matters

CMMC is becoming a critical requirement for companies supporting the defense ecosystem. This role supports organizations that need practical compliance readiness solutions while helping build scalable implementation operations.

Working Style

This role is remote-friendly. Some travel may be required for customer implementations, team planning, or company events.

Benefits

  • Industry-competitive salary and equity
  • Medical, dental, and vision benefits
  • Flexible time off
  • 401(k)
  • Paid family leave
  • Early-stage team opportunity

All employees must be able to travel by air to company offsites two to four times per year.