Compliance Analyst Jobs

About The Position

Requirements

• Bachelor's degree in a related field.
• 0-2 in a related role. Relevant experience can be considered as a substitute for the required educational qualifications. In the absence of a degree, a minimum of 4 years of related experience is required.
• Basic understanding of cybersecurity principles and practices.
• Familiarity with network security, threat analysis, and incident response.
• Knowledge of data security administration principles, methods, and techniques.
• Familiarity with domain structures, user authentication, and digital signatures.
• Foundational understanding of, or strong desire to learn, NIST SP 800-171, DFARS 252.204-7012, and the Cybersecurity Maturity Model Certification (CMMC) 2.0.
• Strong analytical and organizational skills, with keen attention to detail.
• Strong written and verbal communication skills, with the ability to translate complex regulatory requirements into clear, actionable guidance.
• Ability to learn quickly, manage multiple priorities, and work effectively as part of a collaborative team.
• Ability to obtain and maintain a Secret U.S. Security Clearance.
• U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment.

Nice To Haves

• Ability to read and interpret security and technical documentation.
• Proven track record of maintaining the confidentiality of high-sensitivity projects and data.
• Internship or project experience related to cybersecurity compliance, IT audit, or governance, risk, and compliance (GRC).
• Familiarity with contract language, procurement processes, or supply chain concepts within a government contracting environment.
• Familiarity with ISO 9001 or similar quality management frameworks.
• Relevant entry-level certifications (e.g., CompTIA A+, Network+, Security+) are a plus, but not required.
• Exposure to or academic coursework in federal regulatory frameworks, defense acquisition, or government contracting.

Responsibilities

• Support the GRC team in developing and maintaining a unified CMMC 2.0 and DFARS compliance program across the organization.
• Assist in interpreting and translating cybersecurity regulations (NIST SP 800-171, CMMC 2.0, and DFARS 252.204-7012) into actionable guidance for internal stakeholders.
• Support gap analyses to identify control deficiencies and assist in developing remediation recommendations.
• Help system owners gather and organize documentation in preparation for internal and external assessments, readiness reviews, and mock assessments.
• Assist in collecting data for continuous monitoring programs and compliance KPIs.
• Research and track evolving cybersecurity regulations, standards, and best practices relevant to the Defense Industrial Base (DIB).
• Assist in reviewing contracts and solicitations to identify applicable cybersecurity requirements and compliance obligations.
• Help ensure procurement and subcontract processes align with DFARS 252.204-7012, CMMC 2.0, and organizational cybersecurity requirements.
• Support monitoring of supplier and vendor cybersecurity compliance against contractual obligations and regulatory standards.

Benefits

• medical
• dental
• vision plans
• 401(k) with 150% match up to 6%
• life insurance
• 3 weeks paid time off
• tuition reimbursement