CMMC Cybersecurity Compliance Consultant

This is a fully remote position, open to applicants in Virginia.

📋 Description

• Oversee the development of CMMC policies across all 14 domains

• Author System Security Plans (SSPs) and manage Plans of Action and Milestones (POA&Ms) from start to finish

• Conduct compliance sprints with 5–10 clients, ensuring clear ownership throughout

• Align evidence with NIST 800-171 controls to ensure audit readiness

• Oversee the Governance, Risk, and Compliance (GRC) platform and maintain client progress dashboards

• Convert technical controls into actionable steps for clients

• Facilitate evidence collection in collaboration with technical teams

⛳️ Requirements

• 3–5 years of experience in cybersecurity GRC, IT auditing, or information assurance

• Extensive knowledge of NIST 800-171 and CMMC

• Possession of a Security+ certification

• Proficient in technical writing, capable of producing audit-defensible documentation

• Ability to manage multiple clients simultaneously

• U.S. Citizenship is required

• Preferred qualifications include CCP or RP certification (or the capability to obtain it quickly)

• Familiarity with FutureFeed, Apptega, or Purview

• Previous experience in C3PAO audit support with ownership of SSP or POA&M

🏝️ Benefits

• Health insurance

• Dental coverage

• Vision insurance

• 401(k) retirement plan

• Paid Time Off (PTO)