IT Project Manager - CMMC

We are seeking a CMMC Project Manager to lead a high-visibility IT infrastructure and cybersecurity initiative to build a secure CMMC-aligned enclave in Azure and enable multiple businesses to onboard and operate within the environment to support third-party certification readiness.

The enclave's infrastructure and security services are delivered and operated by an outsourced managed services provider (MSP/MSSP). This role will manage execution across internal stakeholders and the MSP/MSSP, ensuring delivery is aligned to technical requirements, compliance expectations, timelines, and audit-ready documentation.

How you will make an impact:

• Lead end-to-end project execution for the expanded design, build, and rollout of a secure Azure-based CMMC enclave, supporting multiple business entities.
• Serve as the primary project manager coordinating across IT/Security stakeholders, business units, and the MSP delivering the environment.
• Develop and maintain the integrated project plan, timeline, milestones, and RAID log (risks/actions/issues/decisions).
• Manage vendor/MSP&MSSP delivery including scope alignment, execution tracking, dependencies, deliverable acceptance, and issue escalation.
• Establish clear scope boundaries between the enclave "core baseline" (shared services) and business-specific customization requirements.
• Coordinate technical implementation and readiness activities delivered through the MSP, including:

Azure landing zone / subscription structure, segmentation, and governance + Network design and isolation (hub/spoke, routing, connectivity, firewalling) + Identity and access management using Entra ID (Azure AD), MFA, RBAC, Conditional Access + Endpoint management and hardening using Intune and Defender for Endpoint + Security posture management and compliance monitoring using Microsoft Defender for Cloud + Centralized logging/monitoring using Microsoft Sentinel (SIEM), Log Analytics, alerting + Key management / secrets / encryption (Key Vault, encryption at rest/in transit)

• Backup/recovery strategy, retention planning, and operational support readiness

• Drive creation of a repeatable multi-business onboarding framework, including intake, standard configurations, variation handling, and validation.
• Partner with Cybersecurity and compliance stakeholders to translate CMMC/NIST expectations into actionable work packages and measurable deliverables.
• Ensure operational processes are defined and adopted for the enclave, including access provisioning, change control, incident response coordination, and escalation paths.
• Drive documentation and audit readiness: policies, SOPs, control narratives, diagrams, and proof of operation (with evidence gathered from both internal teams and the MSP).
• Coordinate testing, validation, cutover planning, and go-live readiness; ensure post-launch stabilization ("hypercare") and transition to steady-state operations.
• Provide clear stakeholder communications and executive-level status reporting, proactively surfacing risks, schedule threats, and mitigation options.
• Process and track one-time and re-occurring project invoices against the budget. Develop, manage, and maintain the operating cost model for each of the included businesses.

7+ years of IT project/program management experience, including technical infrastructure and security programs.

• A Bachelor's degree in Information Technology, Computer Science or other technical area.
• Demonstrated success managing delivery through third-party vendors / managed service providers, including milestone tracking, SLA/OLA alignment, escalation, and deliverable acceptance.
• Proven track record delivering complex, cross-functional initiatives involving infrastructure, identity, networking, and cybersecurity.
• Strong familiarity with Azure and Microsoft security ecosystem, including:

Azure core services and governance concepts + Entra ID (Azure AD), MFA, Conditional Access, RBAC + Microsoft Defender (Endpoint and Cloud) + Intune device management and compliance + Microsoft Sentinel (SIEM) and Log Analytics

• Working understanding of compliance-driven delivery and audit readiness (experience with CMMC, NIST 800-171, or similar frameworks strongly preferred).
• Ability to manage multiple stakeholders and onboard multiple business units with varying requirements and timelines.
• Strong documentation discipline and ability to drive teams (including vendors) to produce assessor-ready evidence.
• Excellent communication and leadership skills-comfortable working with executives, engineers, auditors/assessors, and vendor leadership.
• Tools proficiency: MS Project / Smartsheet / Jira/ SharePoint, Visio (or similar)., * Experience supporting environments for CMMC Level 2 readiness and/or NIST SP 800-171 implementation programs.
• Strong knowledge of secure networking concepts (segmentation, private connectivity, firewalling, zero trust).
• Experience coordinating third-party assessment readiness activities (mock audits, evidence walkthroughs, remediation plans).
• Certifications: PMP, CISSP, CISM, Azure certs (AZ-104/AZ-305/SC-100).

*Due to contracts with the federal governments, candidates must either be a US Permanent Resident or US Citizen.

Employee Type: Salaried

Salary Minimum: $140,000

Salary Maximum: $170,000

Incentive: Yes

AMETEK, Inc. is a leading global provider of industrial technology solutions serving a diverse set of attractive niche markets with annual sales over $7.5 billion., AMETEK is committed to making a safer, sustainable, and more productive world a reality. We use differentiated technology solutions to solve our customers' most complex challenges. We employ 22,000 colleagues, in 35 countries, that are grounded by our core values: Ethics and Integrity, Respect for the Individual, Inclusion, Teamwork, and Social Responsibility. AMETEK is a component of the S&P 500. Visit https://www.ametek.com/careers for more information.