More jobs:
CMMC Compliance Analyst-W2
Job in
Raleigh, Wake County, North Carolina, 27601, USA
Listed on 2026-07-08
Listing for:
CorpInfoTech
Full Time
position Listed on 2026-07-08
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Overview
Corp Info Tech is seeking a CMMC Compliance Analyst to help organizations across the Defense Industrial Base achieve and sustain CMMC compliance. The analyst works with internal and external technical teams to perform readiness assessments, identify gaps, guide remediation, prepare for formal CMMC assessments, and ensure ongoing compliance.
Key Responsibilities CMMC Readiness & Assessment Support- Guide OSCs through alignment between their internal IT systems and our managed IT services through the lens of CMMC.
- Conduct CMMC readiness assessments and gap analyses.
- Identify compliance deficiencies and remediation priorities.
- Guide clients through remediation planning and execution.
- Coordinate assessment preparation activities including evidence collection and validation.
- Assist clients in responding to assessor requests and clarifications.
- Facilitate communication between client stakeholders, technical teams, and assessment organizations.
- Help ensure assessment artifacts are complete, accurate, traceable, and defensible.
- Support clients in maintaining compliance after certification.
- Serve as a trusted advisor to executives, compliance professionals, and technical teams.
- Interpret complex CMMC requirements and translate them into actionable business and technical recommendations.
- Deliver executive briefings, workshops, and compliance planning sessions.
- Guide organizations through ongoing compliance program maturity efforts.
- Support clients throughout the full compliance lifecycle from readiness through certification and continuous compliance.
- Develop and review System Security Plans (SSPs).
- Develop and review Plans of Action & Milestones (POA&Ms).
- Develop and review Policies and Procedures.
- Develop and review Evidence repositories.
- Develop and review Compliance deliverables and assessment packages.
- Ensure documentation is accurate, complete, and assessment-ready.
- Validate that evidence supports assessment objectives and compliance requirements.
- Assist clients in maintaining Governance, Risk, and Compliance (GRC) platforms as the system of record for compliance activities.
- Ensure controls, assessments, evidence artifacts, POA&Ms, risks, and remediation activities remain accurate and current.
- Work with client stakeholders and internal teams to collect, review, and organize compliance evidence.
- Verify documentation within the GRC platform supports CMMC assessment objectives and audit requirements.
- Assist in preparing GRC repositories for readiness reviews, formal assessments, and ongoing compliance operations.
- Monitor evidence expiration dates, review cycles, and recurring compliance activities to support continuous compliance.
- Work closely with engineering teams implementing cybersecurity controls.
- Validate technical implementations align with compliance requirements.
- Review evidence and assess control effectiveness.
- Support Azure and Microsoft 365 security compliance initiatives.
- Ensure technical remediation activities are properly documented and reflected within compliance records.
- Apply CMMC, NIST SP 800-171, NIST SP 800-53, CIS Controls, and related frameworks.
- Monitor evolving DoD, Cyber AB, and CMMC requirements.
- Recommend improvements to internal methodologies and client delivery standards.
- Participate in internal knowledge-sharing and professional development initiatives.
- Must have active CMMC Certified Professional (CCP) credential in good standing.
- Ability to maintain Cyber AB professional standing and qualification requirements.
- Candidates with Lead CMMC Certified Assessor or CMMC Certified Assessor (LCCA/CCA) strongly preferred.
- Security clearance:
Secret (Preferred)
- Minimum five years in cybersecurity, compliance, or risk management roles.
- Experience conducting compliance assessments and gap analyses.
- Experience developing SSPs, POA&Ms, policies, procedures, and evidence packages.
- Experience supporting client-facing compliance initiatives.
- Experience working in MSP, consulting, or compliance-driven service environments.
- Experience supporting organizations subject to federal, defense, or regulated industry requirements.
- Preference given to candidates located in NC, FL, IN and VA.
- 401(k)
- 401(k) matching
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Vision insurance
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×