Compliance Analyst

OSIbeyond•Rockville, MD

5d•$65,000 - $75,000•Hybrid

About The Position

Ideal for IT Support or System Admin professionals looking to transition into cybersecurity and compliance. No prior compliance experience required training will be provided. This is an entry-level to junior role designed for IT professionals looking to transition into cybersecurity and compliance. The Compliance Analyst will receive training and hands-on experience supporting CMMC compliance programs for Department of Defense contractors, including implementation, audit readiness, and ongoing compliance sustainment. What You'll Learn in This Role: CMMC (Cybersecurity Maturity Model Certification) framework NIST SP 800-171 security controls How to prepare organizations for compliance audits How to manage compliance documentation (SSPs, POA&Ms, policies) Security best practices in Microsoft GCC / GCC High environments Real-world cybersecurity operations in regulated environments

Requirements

1–3 years of IT Support, Helpdesk, or System Administration experience
Existing Helpdesk, System Administration or Managed IT experience including knowledge of Microsoft 365 / Entra ID and Intune
Familiarity with common security tools including EDR / Antivirus, Vulnerability Scanning & Patch Management
Basic understanding of CMMC and/or NIST SP 800-171 requirements
Experience working with security policies, procedures, or compliance documentation
Familiarity with audit preparation, evidence collection, or regulated environments
Strong attention to detail and ability to follow structured processes
Interest in cybersecurity, compliance, or risk management

Nice To Haves

CMMC Registered Practitioner (RP) – Preferred, not required
Security+ or equivalent cybersecurity certification – Preferred

Responsibilities

Assist in developing and customizing policies, procedures and other supporting documentation for clients
Work closely with Compliance Managers and leadership to implement CMMC compliance requirements across several clients simultaneously
Assist with client audits and assessments by providing documentation and evidence to third party auditors
Review and validate client-provided evidence to ensure audit readiness and alignment with CMMC requirements
Assist in reviewing configurations in Microsoft 365 GCC/GCC High and other platforms to confirm alignment with documentation
Execute and track ongoing compliance activities to ensure continuous adherence to CMMC requirements post-assessment
Assist with Project Management responsibilities including facilitating meetings, calls and supporting notes and activities
Support delivery of OSIbeyond’s Compliance as a Service (CaaS) model, ensuring clients maintain continuous compliance rather than point-in-time certification
Work within Microsoft 365 GCC / GCC High environments to validate secure configurations aligned with CMMC controls
Other duties as assigned
Complete required training and maintain awareness of cybersecurity risks including insider threats and handling of regulated data.
Treat company and client data as confidential and follow all applicable security and information protection policies.
Follow cybersecurity procedures outlined in company policies and the employee handbook.
Immediately report and follow incident response procedures for any suspected security incidents.

Benefits

Medical Insurance - OSIbeyond pays 75% of the premium for the Employee's base medical plan
Vision and Dental Insurance - OSIbeyond pays 75% of the premium for the Employee's plans
Life Insurance - OSIbeyond pays 100% of the premium for the Employee's plans
Short Term Disability Insurance - OSIbeyond pays 100% of the premium for the Employee's plans
401K - OSIbeyond matches up to 4%
PTO/Holidays - 9 paid Holidays and accrual based PTO which increases with tenure, new hires start out with 2 weeks.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume