Job Specifications
About PKF O’Connor Davies
PKF O’Connor Davies is a top-ranked accounting, tax, and advisory firm with offices across the U.S. and internationally through our PKF global network. For over a century, we have built our reputation on deep industry expertise, a personalized approach, and a commitment to delivering real value to our clients.
Our mission is to provide exceptional service while fostering long-term relationships built on trust and integrity. We serve a diverse client base across industries and sectors, helping organizations and individuals navigate complex challenges with confidence.
At PKF O’Connor Davies, culture is at the heart of who we are. We believe our team members are our greatest asset, and we invest in their growth and success through mentorship, professional development, and continuous learning opportunities. Our goal is to foster a collaborative environment where diverse perspectives are valued, innovation is encouraged, and team members can make an impact. We are also committed to supporting work–life balance, offering flexibility and resources to help our team members grow their careers while maintaining fulfilling personal lives.
If you are looking for a career where you can grow, contribute, and be part of a firm that values both excellence and community, PKF O’Connor Davies is the place for you!
At PKF O’Connor Davies, our Cybersecurity and Privacy Advisory Practice helps organizations develop, assess, and mature cybersecurity programs that align with business objectives and regulatory obligations. Unlike firms that rely on rigid models or generic playbooks, our approach is rooted in practicality—grounded in real-world experience across regulated sectors, emphasizing foundational competence, curiosity, and continuous growth.
Position Overview
We are seeking a Manager, Cybersecurity & Privacy Advisory (CMMC / DIB Focus) to lead and execute engagements supporting clients within the Defense Industrial Base (DIB) and other regulated sectors. This individual will bring hands-on experience in Cybersecurity Maturity Model Certification “CMMC” Level 1, 2, and 3 assessments, NIST 800-171 / 800-53 / RMF implementation, and DFARS compliance. The ideal candidate holds a CMMC Certified Assessor (CCA) Tier 3 credential and demonstrates strong understanding of federal cybersecurity frameworks and programmatic risk management.
This role requires practical judgment, technical fluency, and the ability to translate complex compliance requirements into achievable, measurable program outcomes for our clients.
Essential Duties
Key responsibilities include, but are not limited to, the following:
Lead and manage cybersecurity advisory engagements for DIB clients, focusing on CMMC readiness, assessment, and program improvement.
Conduct and oversee CMMC assessments in accordance with DoD and Cyber AB standards.
Evaluate, develop, and maintain System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and Security Assessment Reports (SARs).
Perform gap analyses and control assessments against NIST SP 800-171, NIST SP 800-53, NIST CSF, and ISO 27001, identifying realistic paths to compliance and maturity.
Guide clients through DFARS 252.204-7012/7019/7020/7021 compliance requirements and related DoD contracting cybersecurity obligations.
Assist in developing cybersecurity governance frameworks and inheritable control matrices that align with clients’ business and regulatory requirements.
Participate in internal development of firm CMMC methodologies, templates, and training materials.
Work on other engagements across the Cybersecurity & Privacy Advisory team as needed.
Support proposal efforts and practice growth activities, emphasizing practical, right-sized solutions over theoretical approaches.
Mentor staff, promote knowledge sharing, and contribute to a collaborative and learning-oriented team culture.
Qualifications
Bachelor’s degree in Information Systems, Cybersecurity, or a related discipline (Master’s preferred).
5+ years of cybersecurity consulting or compliance experience, including work with DIB or federal-sector clients.
Active CMMC Certified Assessor (CCA Tier 3) certification.
Active CISSP or CISA certification (required).
Strong knowledge of NIST SP 800-171, NIST SP 800-53, NIST CSF, and ISO 27001 frameworks.
Hands-on experience developing and reviewing SSPs, POA&Ms, and SARs.
Familiarity with DFARS and DoD cybersecurity compliance workflows.
Exceptional communication and analytical skills with the ability to convey technical information clearly to both technical and non-technical audiences.
Managing multiple projects simultaneously while maintaining attention to detail and quality.
Building trusted relationships with clients and team members through transparency, accountability, and responsiveness.
Demonstrating strong analytical, critical thinking, and problem-solving skills.
Adapting quickly to changing requirements, demonstrating flexibility and resilience in compl