
Cybersecurity Compliance Analyst

DigiFlight
Posted 10 days ago, valid for 20 days
Location

Dhs, MD 20588, US

Salary

Competitive

Contract type

Full Time

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.


Sonic Summary

  • The position involves supporting the organization's cybersecurity and regulatory compliance program, specifically focusing on CMMC Level 2 readiness and certification for DoD contracts.
  • Candidates should have 3-5 years of experience in cybersecurity governance, risk, and compliance, with familiarity in frameworks such as CMMC or NIST SP 800-171.
  • The role includes conducting internal audits, leading assessments, and assisting stakeholders with compliance-related activities while maintaining documentation accuracy.
  • Desired qualifications include being a Cyber AB Registered Practitioner and having experience with gap assessments and third-party audits.
  • The salary for this position is competitive and commensurate with experience.

Duties & Responsibilities


Responsible for supporting the organization’s cybersecurity and regulatory compliance program. Assists the Director of Cybersecurity Compliance in reviewing, maintaining, and implementing security standards, policies, and procedures applicable to internal operations and external client services. As directed by the Director of Cybersecurity Compliance or Director of Quality Management: 

  • Supports DigiFlight’s Cybersecurity Maturity Model Certification (CMMC) Level 2 readiness, certification, and maintenance in support of DoD contract requirements.
  • Leads or participates in internal CMMC control audits, gap assessments, and readiness assessments, compiles findings, observations, and recommendations and reports results to the Director of Cybersecurity Compliance.
  • As a Cyber AB Registered Practitioner (RP), leads or supports delivery of CMMC services for external organizations, including gap assessments and readiness assessments, and provides documented remediation recommendations aligned with CMMC requirements.
  • Assists internal stakeholders and external clients with compliance-related activities, including evidence collection, interviews, and clarification of control implementation expectations. 
  • Periodically reviews and audits compliance documentation, including policies, procedures, System Security Plans (SSPs), and supporting artifacts, to verify alignment with applicable regulatory and contractual requirements. 
  • Performs or participates in quality audits and appraisals; compiles findings and reports to the Quality Control Manager/Sr. Director during the audits.
  • Maintains and updates cybersecurity and compliance documentation, including policies, procedures, and SSPs, to ensure accuracy and consistency with implemented controls and organizational practices.  
  • Prepares Configuration Control Board (CCB) agendas, facilitates CCB meetings, and documents decisions, approvals, and action items to support change and configuration management governance. 
  • Facilitates Vulnerability Management meetings, including review of vulnerability scan results, remediation activities, and risk acceptance decisions; tracks corrective actions and supports continual improvement efforts. 
  • Assists the Director of Cybersecurity Compliance and process action owners with corrective actions, remediation planning, and compliance improvement initiatives; compiles reports and recommendations and facilitates communication with appropriate personnel. 

CMMC Readiness & Pre-Assessment Advisory

  • Lead or support client readiness reviews and mock assessments
  • Evaluate organizational preparedness for CMMC certification
  • Provide guidance on:
      • Certification boundary definition
      • Control implementation expectations
      • Evidence sufficiency and documentation quality
  • Identify risks that may impact assessment outcomes


Minimum Experience

3–5 years of experience in cybersecurity governance, risk, and compliance (GRC) including experience with one or more of the following frameworks or programs: 

  • CMMC / NIST SP 800-171 
  • NIST SP 800-53 
  • ISO/IEC 27001:2022
  • FedRAMP 
  • SOC 2 
  • CMMI 

Desired

  • Cyber AB Registered Practitioner (RP) 
  • Cyber AB CMMC Certified Professional (CCP) or Cyber AB CMMC Certified Assessor (CCA) 
  • Familiarity with generative and agentic AI
  • CGRC or equivalent security or compliance certification 
  • Experience supporting gap assessments, readiness assessments, or third-party audits 


Required Skills

  • Experience working with or within 3PAOs or accredited assessment bodies
  • Familiarity with federal frameworks such as:
      • FedRAMP
      • DFARS 252.204-7012
  • Experience assessing complex environments (cloud, hybrid, MSPs, enclaves)
  • Strong judgment and decision-making authority
  • Deep expertise in control evaluation and evidence validation
  • Ability to assess ambiguous or partially implemented controls
  • Executive-level communication and stakeholder engagement
  • Ability to work effectively with personnel at all organizational levels, including leadership and external clients
  • Strong organizational and documentation skills with attention to detail 
  • Proficiency with Microsoft Office applications, including Word, Excel, PowerPoint, and SharePoint
  • High ethical standards and professional integrity

Considerations

  • Must avoid conflicts of interest in accordance with applicable CMMC ecosystem expectations


