Compliance Consultant, CMMC
About The Position
This role is designed for a cybersecurity and compliance professional who thrives in a client-facing advisory environment. You will lead the development and management of Governance, Risk, and Compliance (GRC) programs for organizations within the defense and federal contracting sectors. The position requires deep knowledge of CMMC, DFARS, NIST standards, and other federal cybersecurity frameworks, as you work closely with client stakeholders, internal teams, and third-party providers. You will help clients assess current controls, implement solutions, and achieve regulatory compliance, all while fostering long-term relationships and delivering actionable recommendations. This is a highly autonomous, impactful role that blends technical expertise, strategic thinking, and strong communication skills.
Requirements
- 7+ years of experience implementing cybersecurity and compliance requirements for Department of Defense contractors or federal information systems.
- Hands-on experience with NIST SP 800-171, SP 800-53, and CMMC assessment and certification requirements.
- Strong verbal and written communication skills, capable of conveying technical information to diverse audiences.
- High emotional intelligence with the ability to collaborate effectively across client organizations and internal teams.
- Strong organizational skills and ability to manage multiple priorities under deadlines.
- US Citizenship required; veterans preferred.
Nice To Haves
- Professional certifications such as CCP, CCA, CISSP, CISM, or CISA are preferred.
- Knowledge of Microsoft cloud services (Azure, Office 365) and compliance in government environments is a plus.
- Ability to obtain U.S. government security clearance is advantageous.
Responsibilities
- Lead the assessment, planning, and implementation of cybersecurity compliance programs, including CMMC Levels 1 & 2, DFARS, and NIST SP 800-171 requirements.
- Document business processes, data flows, and system scope to support compliance initiatives.
- Develop, manage, and maintain System Security Plans, policies, procedures, and other required documentation.
- Collaborate with clients, internal teams, and third-party providers to ensure successful project delivery and compliance outcomes.
- Conduct advisory activities to guide clients on regulatory obligations, technical controls, and security best practices.
- Participate in risk assessments, identify gaps, and propose practical remediation strategies.
- Maintain subject matter expertise in federal cybersecurity regulations, export controls, and industry frameworks.
Benefits
- Remote work opportunities with minimal travel.
- Medical, dental, and vision insurance.
- Four weeks of paid time off, including vacation and sick leave.
- Paid maternity and paternity leave.
- Two days of paid volunteer time.
- 401(k) plan with company match.
- Company bonus structure.
- Tuition reimbursement and professional development support.
- Employer-sponsored disability and life insurance.
- Supportive, inclusive culture with award-winning workplace recognition.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
