On Call Compliance Solutions logo
On Call Compliance Solutions

Is It Time For A Better Solution To Managing The IT In Your Office?

CMMC Compliance Specialist

Location

Alabama

Posted

2 days ago

Salary

$90K - $150K / year

Seniority

Senior

Professional Certificate3 yrs expEnglishCyber Security

Job Description

CMMC Compliance Specialist

On Call Compliance Solutions

• Serve as the designated compliance advisor for assigned client organizations. • Interpret and apply: NIST SP 800-171, DFARS 252.204-7012, CMMC 2.0 Level 1 & Level 2 requirements, SPRS scoring and submissions. • Guide clients through gap assessments, remediation planning, implementation, and certification readiness. • Assist clients with developing and maintaining: System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), Security policies and procedures, Compliance documentation and evidence. • Conduct recurring compliance strategy meetings with clients. • Review implementation progress and validate remediation efforts. • Serve as the primary compliance contact throughout the client engagement. • Translate complex regulatory requirements into practical business and technical recommendations. • Collaborate with client leadership, IT teams, and security personnel to implement compliant solutions. • Support clients before, during, and after assessments. • Prepare professional assessment reports and executive summaries. • Maintain accurate compliance documentation and audit evidence. • Track compliance milestones and client deliverables. • Conduct monthly compliance reviews. • Monitor regulatory updates affecting Department of Defense contractors. • Assist clients with annual self-assessments and SPRS submissions. • Support audit readiness initiatives. • Coordinate with C3PAOs, government auditors, and other stakeholders as necessary. • Deliver cybersecurity awareness and compliance training for client personnel. • Educate organizations on evolving CMMC and NIST requirements. • Help clients understand how cybersecurity controls support their business operations.

Job Requirements

  • Current CMMC Certified Practitioner (CP) certification or higher
  • Ability to obtain CMMC CCP or CCA within 90 days if not already certified
  • 3+ years of experience in cybersecurity, information assurance, risk management, or compliance
  • Experience working with: NIST SP 800-171, DFARS 252.204-7012, CMMC
  • Experience supporting Department of Defense contractors or federal compliance programs
  • Strong written and verbal communication skills
  • Ability to manage multiple client engagements simultaneously
  • Excellent organizational and project management skills
  • Preferred Qualifications: CMMC CCP (OK If In Progress), CMMC CCA (OK If In Progress), Security+
  • Experience working within a Managed Service Provider (MSP)
  • Experience serving as a vCISO or virtual Compliance Officer
  • Experience with vulnerability assessments, risk assessments, and security audits
  • Understanding of federal contracting regulations and Controlled Unclassified Information (CUI)
  • Familiarity with common compliance tracking platforms, ticketing systems, and remote collaboration tools

Benefits

  • Competitive salary
  • Comprehensive medical, dental, and vision insurance
  • Company-paid Life Insurance
  • Company-paid Short-Term & Long-Term Disability
  • SIMPLE IRA retirement plan with company match
  • 128 hours of Paid Time Off
  • Paid industry certifications and continuing education
  • Professional development assistance
  • Referral bonus program
  • Legal services benefit
  • Performance bonus opportunities
  • Free office snacks
  • Outstanding team culture
  • Opportunity for long-term career advancement within one of the nation's premier defense cybersecurity organizations

Related Categories

Related Job Pages

More Compliance Jobs

First Citizens Bank logo

Senior Manager Compliance - Broker-Dealer & RIA (Complaints/Licensing & Registrations)

First Citizens Bank

First Citizens Bank offers a full line of financial services and focuses on individuals, as well as small to medium-sized businesses. As an employer, the compan

Compliance2 days ago

Role Description This is a remote role that may be hired in several markets across the United States. The Compliance Manager is a senior leader within Compliance, responsible for oversight of the firm’s Broker-Dealer and Registered Investment Adviser (RIA) complaint management programs, representative investigations, disciplinary processes and Licensing & Registrations function. This role combines strategic leadership with hands-on execution, managing complex matters while driving consistency, scalability, and regulatory compliance across multiple functions. The ideal candidate brings deep expertise in broker-dealer complaint handling and investigations, strong regulatory knowledge, and sound judgment in assessing conduct and supervisory risk. A strong understanding of FINRA Rule 4530, complaint classification standards, and disclosure requirements are essential. Responsibilities - Complaint Program Leadership & Enhancement - Lead and enhance the firm’s Complaint Management Program, across BD, RIA, and Insurance businesses. - Oversee the complaint investigations, escalation, and resolution, directly handling high-risk matters. - Ensure accurate application of FINRA problem/product codes, and disclosure requirements. - Manage Rule 4530 reporting, including quarterly 4530(d) filings and event-driven reporting. - Develop reporting, controls and quality assurance processes to identify trends, identify emerging risks, and drive remediation. - Implement improvements to increase program effectiveness, consistency, and scalability. - Representative Investigations - Lead investigations into registered representatives and associated people’s conduct, sales practice and supervisory matters. - Partner with Legal, Human Resources, and business leadership on escalation, resolution, and disciplinary outcomes. - Support regulatory inquiries, responses, and disclosure obligations. - Licensing & Registration Oversight - Oversee Licensing & Registration to ensure accurate and timely regulatory filings and registration processes are executed accurately and in accordance with applicable requirements. Qualifications - Bachelor's Degree and 8 years of experience in Compliance, Legal, Audit, Regulatory Compliance Management, Banking or other related experience OR High School Diploma or GED and 12 years of experience in Compliance, Legal, Audit, Regulatory Compliance Management, Banking or other related experience. - 7+ years of broker-dealer and/or RIA compliance experience. - Strong experience in complaints, investigations, and regulatory reporting. - Deep knowledge of FINRA rules, including Rule 4530, U4/U5, and complaint classification standards. - Proven leadership and ability to manage complex regulatory matters. - FINRA Series 7, 24, and 63/65 or 66 licenses (or ability to obtain shortly after hire). Preferred Qualifications - Experienced in a large, dual-registrant financial institution. - Strong investigative, risk assessment, and escalation skills. - Executive communication and stakeholder management expertise. - Insurance Licensing/Life & Health experience. Benefits - This job posting is expected to remain active for 14 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants. - The base pay for this position is generally between $155,000 and $175,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment. - Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits .

United States
$155K - $175K / year
Full TimeRemoteTeam 10,001+Since 1878H1B Sponsor

• Review, verify and approve product specifications, artwork, pack copy and labelling against current and emerging UK and EU legislation. • Provide expert regulatory advice and guidance to clients, suppliers and internal stakeholders on consumer product compliance requirements. • Build and maintain strong relationships with clients, suppliers, design agencies and other key stakeholders. • Monitor regulatory developments, industry trends and codes of practice, ensuring accurate and up-to-date advice is delivered. • Support continuous improvement through the development of compliance processes, technical checklists, training materials and best practice guidance.

United Kingdom

Manager of Revenue Compliance

OnTrac

Headquartered in Chandler, Arizona, OnTrac is a package delivery company that provides overnight delivery services at ground rates to millions of consumers. Thi

Compliance2 days ago

Role Description The Manager of Revenue Compliance is responsible for ensuring the integrity, accuracy, and governance of pricing, contracts, and revenue-related system configurations across OnTrac. This role leads contract validation, pricing system setup, audit processes, and revenue compliance oversight while partnering closely with Pricing, Finance, Sales, Legal, Operations, and Internal Audit. - Safeguard revenue by ensuring customer agreements and pricing updates are accurately translated into systems. - Monitor, audit, and maintain compliance with contractual terms and internal policies. Qualifications - Bachelor’s degree or equivalent experience - 4–8 years of experience in a related field - Advanced Excel and data analysis skills - Experience with project management tools such as ClickUp, Jira, Asana, Smartsheet, or Monday.com - Experience with documentation tools such as Confluence or Notion - Experience working cross-functionally and driving alignment without direct authority - Ability to travel up to 10% Requirements - Contract review & database management: - Review customer contracts for pricing terms, SLAs, rebates, and billing structures. - Translate contract terms into structured formats for implementation. - Maintain a centralized, version-controlled, audit-ready contract database. - Partner with Legal, Sales, and Pricing to resolve ambiguities or inconsistencies. - Pricing setup & system governance: - Oversee and validate pricing-related configurations across internal systems. - Manage GRI updates, contract SLAs, rebates, new customer setup, existing customer modifications, discounts, incentives, and service terms. - Implementation accuracy & approval controls: - Ensure pricing changes are aligned to approved timelines, policies, contract terms, calculation logic, trigger conditions, go-live requirements, and documented approval processes. - Audit & compliance oversight: - Conduct regular audits of pricing configurations, contract setups, and system changes. - Validate that system pricing matches contractual agreements and approved modifications. - Develop audit frameworks, controls, and reporting to ensure ongoing compliance. - Finance, Internal Audit & compliance partnership: - Partner with Finance and Internal Audit teams to support compliance initiatives, audits, revenue governance, and issue resolution. - Revenue leakage & discrepancy investigations: - Lead investigations into revenue leakage, billing discrepancies, and customer disputes. - Analyze root causes of pricing errors or system misconfigurations. - Recommend corrective actions to prevent recurrence. - Reporting, dashboards & leadership insights: - Develop reporting and dashboards to track pricing accuracy, implementation timelines, compliance trends, and revenue leakage risks. - Support leadership with data-driven recommendations. Benefits - Medical, dental, and vision insurance - Life and short- and long-term disability coverage - 401(k) retirement savings plan with company match - Flex vacation with accruals up to 96 hours for the first year of employment, increasing to 160 hours with tenure - Two (2) floating holidays per year - Paid sick leave* - Six (6) paid company holidays - Two (2) weeks paid pregnancy disability leave, four (4) weeks paid parental bonding leave - Additional wellness and employee assistance programs

United States
$104K - $157.2K / year
Navan logo

PCI and SOX Compliance Specialist

Navan

Travel & expense made easy

Compliance2 days ago
Full TimeHybridTeam 1,001-5,000Since 2015H1B No Sponsor

Title: PCI & SOX Compliance Specialist Location: London, UK Department:Security, Risk & Fraud The Security Compliance Analyst will be a critical, hands-on member of the Navan Governance, Risk, Compliance, and Trust (GRCT) Team, specifically embedded in London to drive the compliance integration between Navan and Reed & Mackay. This is not a high-level policy writing or checking boxes role. We are looking for an active, execution-focused compliance professional to untangle legacy systems, map control deficiencies, and run daily operational workflows. Acting as a decisive bridge between engineering sprint teams, IT infrastructure, and US-based external auditors, you will own the day-to-day transaction compliance and technical evidence pipeline that keeps our global travel and expense platforms bulletproof. What You’ll Do - Own Vulnerability Remediation Loops: Actively track and oversee quarterly PCI ASV scans and penetration testing cycles, collaborating directly with IT and engineering teams to ensure patches are executed within strict SLA windows. - Lead the Integration Pipeline: Conduct continuous gap analyses and map security controls as we merge legacy travel infrastructure into Navan's modern cloud frameworks. - Drive SOX 404 Controls: Take ownership of testing and validating IT General Controls (ITGCs) under Sarbanes-Oxley Section 404, with a heavy emphasis on access control management (Joiners/Movers/Leavers) and secure code deployment. - Embed with Engineering: Partner with development teams to automate manual evidence gathering, translating rigid compliance jargon into clear, actionable JIRA tickets. - Collaborate Globally: Partner closely with US-based audit firms and compliance bodies. This includes a flexible schedule to work late hours (until 9:00 PM–10:00 PM) a few days per month on specific US alignment days. - Track Open Deficiencies: Manage the risk register and remediation tracking lifecycle from initial identification to final verification and closure. What We’re Looking For - Experience: Minimum of 3+ years of hands-on, corporate operational experience in information security compliance. You must have active experience sitting on a corporate security or IT team—purely academic, training, or governmental advisory backgrounds will not fit the speed of this role. - PCI & SOX Technical Depth: Proved, practical exposure executing compliance frameworks for transactional environments. You must understand Section 404 ITGCs and the technical mechanics of PCI DSS (including cardholder data protection environments and SAQs). - Tools & Systems Mastery: Comfortable navigating tracking platforms such as JIRA, ServiceNow GRC, or AuditBoard to monitor, assign, and resolve open compliance findings. - A Technical Edge: A baseline technical background (e.g., computer science, systems administration, or IT support) that allows you to confidently push back on or guide engineers during patch cycles. - Location & Hours Flexibility: Willingness to work under a hybrid model out of our London office (4 days a week) and the routine flexibility needed to support monthly evening shifts for US team synchronization. - Language requirements: Full proficiency in English. - Bonus Points: Certifications such as CompTIA Security+ or ISO 27001 Internal Auditor. About Navan Navan (Nasdaq: NAVN) is the global AI-powered business travel and expense platform that makes travel easy for frequent travelers. From finding flights and hotels, to automating expense reconciliation, with 24/7 support along the way, Navan delivers an intuitive experience travelers love and finance teams rely on. See how Navan customers benefit and learn more at navan.com. Culture of Excellence Our team is our competitive edge — a high-performance group of smart, driven people committed to winning together. This dedication to excellence is why we’ve been recognized as a Best Place to Work by Built In (2023–2026), a G2 Best Global Software Company (2025–2026), Forbes Cloud 100 (2022–2025), and CNBC Disruptor 50 (2022–2025). At Navan, we provide an environment where top talent excels, offering the autonomy and fast-paced trajectory needed to build a defining career and do the best work of your life. Our Benefits Navan offers a comprehensive benefits program designed to support your well-being, financial security, and life outside of work. Our benefits, thoughtfully tailored by country to meet local needs, include healthcare coverage, insurance offerings, and wellness resources for you and your family. We support long-term financial growth through retirement savings programs and opportunities to participate in our equity plans, so you can share in Navan’s success. To promote balance, we offer flexible time off, country-specific holidays, and paid parental leave for all new parents. Additional benefits include connectivity and commuting support*, mental health resources, and exclusive travel-related perks. Wherever you’re based, our benefits evolve with you. Workplace Policy Navan believes in the value of in-person connections, whether that’s sitting down to have lunch with one another, taking a walking 1:1, or collaborating in a room together. The connections forged through face-to-face interactions improve company culture and drive business results. Navan invests in global office spaces — in the U.S., Europe, and Asia, among others — that feel welcoming. In-office perks such as company-provided lunches and happy hours create a strong team environment to help you do your best work. Our employees work from the office four days a week. Please expect this policy for all roles that are tied to an office. Equal Opportunity Navan is an equal opportunity employer. We make all employment decisions based solely on merit. We provide equal employment opportunity to all applicants and employees without discrimination on the bases of race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We prohibit any such discrimination or harassment. This policy applies to all terms and conditions of employment, including hiring. Accommodations Navan complies with the Americans with Disabilities Act (ADA), as amended by the ADA Amendments Act, and all applicable state or local law. Navan will reasonably accommodate qualified individuals with a disability in connection with applications for employment as required by law. If you need any assistance or accommodations due to a disability, you are welcome to email us at talent-accommodations@navan.com. Candidate Privacy Notice and Use of AI As part of the recruitment process, certain personal data may be processed using automated tools, including tools that use AI. For details on how Navan collects and uses your personal data, please review Navan's Candidate Privacy Notice here. Job Search Best Practices We have been made aware of recruitment scams involving fraudulent attempts to lure job seekers into sending money or personal information in return for fake job offers or coerce them into purchasing equipment by electronic funds transfer (Zelle, Venmo, etc.) Legitimate Navan recruiters will never ask for money in any recruitment or onboarding activities. All available job openings at Navan will be posted on Navan’s website and all Navan recruiters will be reachable through an email address ending in “@navan.com” or “@navan.tech” or "@talent.navan.com". *Applies to select locations

United Kingdom