CMMC Compliance Analyst

Lumen Technologies,
$105,786 - $155,152Remote

About The Position

Lumen is looking for an experienced cybersecurity compliance professional to support the ongoing continuous monitoring and compliance operations of a CMMC Level 2 (L2) assessed enclave. These roles are critical to maintaining audit readiness, sustaining compliance with NIST SP 800-171, and supporting successful C3PAO reassessments. The ideal candidates bring hands-on experience supporting a successful CMMC Level 2 assessment and possess a strong understanding of control implementation, evidence management, and continuous monitoring practices within a regulated DoD environment.

Requirements

  • CMMC Registered Practitioner Advanced (RPA)
  • CMMC Certified Professional (CCP) certification within the first six months
  • Demonstrated experience supporting a successful CMMC Level 2 C3PAO assessment
  • Experience with continuous monitoring, audit preparation, and compliance documentation
  • Strong working knowledge of NIST SP 800-171 controls and assessment objectives
  • Working knowledge of FAR, DFARS, and CMMC-related cybersecurity and contracting requirements for Defense Industrial Base contractors.
  • Familiarity with evolving CMMC requirements
  • Experience integrating GRC platforms into continuous monitoring workflows and reporting
  • Familiarity with POA&M management and remediation processes
  • Ability to work in a structured, compliance-driven environment with strong attention to detail

Nice To Haves

  • CMMC Certified Assessor (CCA) certification
  • Experience supporting FedRAMP Moderate or High ATO environments
  • Hands-on experience using GRC tools such as ServiceNow IRM, Diligent, Archer, or similar platforms
  • Understanding of cloud environments (Azure Gov, AWS GovCloud) in regulated enclaves

Responsibilities

  • Execute continuous monitoring activities across a CMMC L2 enclave, ensuring ongoing compliance with NIST SP 800-171 controls
  • Maintain audit-ready evidence repositories, including policies, procedures, and technical artifacts
  • Perform periodic control assessments, validation, and remediation tracking
  • Support POA&M management, including identification, documentation, and closure of findings
  • Leverage GRC tools to manage controls, track compliance status, and maintain evidence
  • Collaborate with system owners, engineers, and ISSOs to ensure proper control implementation and sustainment
  • Prepare for and support C3PAO assessments, surveillance reviews, and re-certification activities
  • Track and report compliance status, risks, and metrics to leadership
  • Assist in updating SSPs, network diagrams, data flow diagrams, and supporting documentation

Benefits

  • Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing
  • Bonus structure (short-term incentives, long-term incentives and/or sales compensation)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service