CMMC Business Analyst III/IV
About The Position
At Zone 5 Technologies, we're redefining what's possible in unmanned aircraft systems. Our team of engineers and innovators is developing cutting-edge autonomous solutions that push the boundaries of UAS technology - solving complex challenges that matter. We're building the future of UAS capabilities, and we're looking for exceptional talent to join us. If you're driven by hard problems, energized by rapid innovation, and ready to make an impact on next-generation flight systems, you belong here. We are seeking a hands-on technical leader for CMMC Business Analyst to Maintain and continuously improve Information Technology policies and procedures, ensuring alignment with organizational, regulatory, and customer requirements. The ideal candidate brings deep, recent experience working within CMMC environments, supporting assessment readiness, and understanding what is materially required to satisfy control expectations. This individual must be able to navigate complex technical landscapes, challenge assumptions, and enforce architectural standards with authority. This role will serve as a hands-on technical leader who can translate strategy into actionable architecture decisions, guide teams through compliant solution design, and defend architectural requirements with confidence and clarity. The ideal candidate will be experienced in NIST800-171, CMMC, and IT documentation, and the ability to work collaboratively with IT Security and compliance stakeholders.
Requirements
- 5+ years of experience with the CMMC Framework
- Experience working and identifying CUI
- Experience working with system security plans, POAM, and Technology Control Plans.
- Act as a "technical translator" capable of bridging strategy and implementation.
- Technical understanding of Cloud technologies, application architectures, network and identity security, and data protection and boundary segmentation.
- U.S. Citizenship
Nice To Haves
- Experience within the DOW Contractor industry
- Previous C3PAO, assessment, or consultancy experience
- CISSP (Certified Information Systems Security Professional)
Responsibilities
- Risk Assessment - Mapping CMMC and NIST 800-171 controls to application security capabilities
- Develop, maintain, and enforce Controlled Unclassified Information (CUI) policies, including proper document/data markings; train and educate users on compliant handling and labeling practices.
- Educate users on and support adherence to Security Classification Guides (SCGs), including guidance on interpreting and applying classification/handling requirements.
- Ensure compliance with ITAR (International Traffic in Arms Regulations) requirements for data access, storage, transmission, and export-controlled technical data.
- Develop and maintain a Technology Control Plan (TCP), including access controls, visitor controls, data segregation, and procedures supporting export-control compliance.
- Maintain and continuously improve Information Technology policies and procedures, ensuring alignment with organizational, regulatory, and customer requirements.
- Define and implement policies, standards, and procedures for emerging technologies (e.g., AI), including governance, acceptable use, data protection, risk management, and compliance considerations.
Benefits
- Competitive total compensation package
- Comprehensive benefit package options include medical, dental, vision, life, and more.
- 401k with company-match
- 4 weeks of paid time off each year
- 12 annual company holidays
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
