Senior Compliance Specialist

Brasfield & Gorrie, a recognized leader in the construction industry, has an exciting opportunity available for a Senior Compliance Specialist – Cybersecurity. This role serves as a key contributor to the company’s federal cybersecurity compliance program by leading assessment readiness efforts, administering compliance operations, and ensuring alignment with contractual and regulatory requirements, including CMMC and NIST SP 800-171.

The Senior Compliance Specialist partners closely with Compliance, IT/Security, Legal/Contracts, and project teams to maintain a mature, audit‑ready compliance program. This role requires strong organizational, analytical, and communication skills, along with the ability to independently manage complex compliance activities, drive process improvements, and support enterprise-wide readiness initiatives.

• Lead administration and maintenance of the CMMC assessment inventory log, including systems, assets, control owners, evidence status, remediation tracking, and audit documentation
• Ensure compliance records and supporting documentation are complete, accurate, current, and audit‑ready
• Oversee centralized compliance documentation repositories, including evidence inventories, trackers, version logs, and status reports
• Monitor compliance deadlines, remediation activities, and outstanding action items to support ongoing assessment readiness
• Identify process gaps and recommend improvements to strengthen documentation accuracy, consistency, and operational efficiency

• Coordinate and support internal and external cybersecurity assessments, audits, and readiness reviews
• Lead collection, organization, and validation of required evidence and compliance documentation
• Review submissions for completeness, consistency, and alignment with contractual and regulatory requirements
• Track remediation plans, corrective actions, and progress through resolution while escalating risks or delays as appropriate
• Prepare and present readiness summaries, compliance metrics, dashboards, and status updates for leadership and stakeholders

• Review contracts and client requirements related to federal cybersecurity compliance obligations
• Assist in interpreting and tracking requirements associated with CMMC, NIST SP 800-171, and related federal cybersecurity standards
• Ensure required documentation and records are maintained to support contractual compliance obligations and audit readiness
• Partner with internal stakeholders to identify, elevate, and resolve compliance gaps, inconsistencies, or missing documentation

• Collaborate with IT/Security teams to maintain accurate system, asset, and control documentation
• Coordinate with Compliance, Legal/Contracts, Procurement, and project teams to support enterprise compliance initiatives
• Serve as a resource to internal stakeholders regarding compliance documentation requirements, processes, and best practices
• Facilitate meetings, working sessions, follow‑up communications, and action item tracking across multiple teams

• Lead efforts to develop, enhance, and maintain standard operating procedures, templates, workflows, and compliance checklists
• Support and coordinate training initiatives related to cybersecurity compliance documentation and readiness activities
• Promote consistent documentation standards, version control, and record retention practices across departments
• Recommend and implement process improvements to increase efficiency, accountability, and compliance readiness

• Serve as the primary coordinator and system administrator for compliance tracking and assessment inventory records
• Validate updates across departments and maintain traceability and integrity of compliance documentation
• Generate recurring and ad‑hoc reports related to compliance status, assessment readiness, remediation activities, and outstanding risks
• Analyze trends and metrics to support leadership decision‑making and continuous…