
CMMC Compliance Specialist
Posted 2 days ago

Posted 2 days ago
This is a fully remote position, open to applicants in Alabama.
• Act as the appointed compliance advisor for designated client organizations.
• Interpret and apply the requirements of: NIST SP 800-171, DFARS 252.204-7012, CMMC 2.0 Level 1 & Level 2, as well as SPRS scoring and submissions.
• Assist clients in navigating gap assessments, creating remediation plans, implementation, and preparing for certification readiness.
• Support clients in the development and maintenance of: System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), security policies and procedures, and compliance documentation and evidence.
• Conduct regular compliance strategy meetings with clients.
• Evaluate implementation progress and verify remediation efforts.
• Serve as the main compliance contact throughout the duration of client engagement.
• Simplify complex regulatory requirements into actionable business and technical recommendations.
• Collaborate with client leadership, IT teams, and security personnel to deploy compliant solutions.
• Provide support to clients before, during, and after assessments.
• Create professional assessment reports and executive summaries.
• Ensure compliance documentation and audit evidence is accurately maintained.
• Monitor compliance milestones and client deliverables.
• Perform monthly compliance reviews.
• Stay updated on regulatory changes impacting Department of Defense contractors.
• Aid clients with their annual self-assessments and SPRS submissions.
• Facilitate audit readiness initiatives.
• Coordinate with C3PAOs, government auditors, and other relevant stakeholders as needed.
• Provide cybersecurity awareness and compliance training for client staff.
• Inform organizations about the evolving CMMC and NIST requirements.
• Assist clients in understanding how cybersecurity controls bolster their business operations.
• Active CMMC Certified Practitioner (CP) certification or higher.
• Ability to secure CMMC CCP or CCA within 90 days if not already certified.
• A minimum of 3 years of experience in cybersecurity, information assurance, risk management, or compliance.
• Experience with: NIST SP 800-171, DFARS 252.204-7012, CMMC.
• Experience working with Department of Defense contractors or federal compliance programs.
• Excellent written and verbal communication skills.
• Ability to handle multiple client engagements simultaneously.
• Strong organizational and project management abilities.
• Preferred Qualifications: CMMC CCP (acceptable if in progress), CMMC CCA (acceptable if in progress), Security+ certification.
• Experience within a Managed Service Provider (MSP) environment.
• Experience in a role as a vCISO or virtual Compliance Officer.
• Familiarity with vulnerability assessments, risk assessments, and security audits.
• Knowledge of federal contracting regulations and Controlled Unclassified Information (CUI).
• Proficiency with common compliance tracking platforms, ticketing systems, and remote collaboration tools.
• Competitive salary.
• Comprehensive medical, dental, and vision insurance.
• Company-paid life insurance.
• Company-covered short-term and long-term disability insurance.
• SIMPLE IRA retirement plan with company matching.
• 128 hours of paid time off.
• Paid industry certifications and continuing education opportunities.
• Professional development support.
• Referral bonus program.
• Legal services benefit.
• Opportunities for performance bonuses.
• Complimentary office snacks.
• Exceptional team culture.
• Potential for long-term career growth within one of the nation’s leading defense cybersecurity organizations.
Airbnb
Fruitful
Tenpoint Therapeutics, Ltd.
Cover Whale
Get handpicked remote jobs straight to your inbox weekly.