CMMC Compliance Analyst

Job Description: • Receive, triage, and analyze compliance-related requests, documentation, and assessment findings, and work to resolve issues through research, evidence collection, and stakeholder coordination. • Support the development and maintenance of System Security Plans (SSPs), POA&Ms, policy sets, procedures, and control documentation across client environments. • Review client technical configurations (e.g., access controls, logging, encryption, segmentation, backup strategies) against NIST/CMMC compliance objectives and document gaps or remediation actions. • Communicate with clients through email, chat, meetings, and interviews to gather evidence, clarify processes, and maintain progress visibility on compliance deliverables. • Assist in the management, implementation, and validation of compliance controls across CMMC, NIST 800-171, and/or DFARS 7012. • Contribute to internal compliance documentation templates, client-facing guidance materials, and evidence repositories that streamline audit readiness. • Support the creation of compliance reports, risk assessments, briefs, and executive presentations that translate findings into clear business narrative. Requirements: • U.S. citizenship - by nature of our work with the defense industry, all employees must be eligible for a Secret clearance. • 2-5 years of experience in information security, IT compliance, cybersecurity auditing, GRC, or similar roles. • Demonstrated ability to lead and make decisions on compliance-related matters, including interpreting control intent, assessing evidence, and determining whether control requirements have been met. • Experience reviewing and developing policies, procedures, SSPs, POA&Ms, risk assessments, or similar compliance documentation. • Working knowledge of technical environments such as IAM, endpoint protection, logging/monitoring, vulnerability management, segmentation, and backup/recovery strategies. • Strong written and verbal communication skills, especially when translating technical information into actionable compliance guidance. • Ability to work independently, manage multiple client tasks, and follow structured workflows to drive compliance activities to timely completion. • CompTIA Security+ certification is required in the first 2 months of hire. Benefits: • Fully paid individual healthcare, vision and dental insurance for the employee. • Paid certification and training opportunities. • Three weeks of paid vacation + 10 paid holidays. • A supportive environment with a focus on keeping healthy work-life balance. • Retirement benefit (401k) with company match. Apply tot his job