CMMC Compliance Specialist
Location
United States
Posted
11 hours ago
Salary
0
Seniority
Mid Level
No structured requirement data.
Job Description
CMMC Compliance Specialist
On Call Computer Solutions, LLC
Role Description We are seeking a highly qualified CMMC Compliance Specialist to serve as a trusted compliance advisor for Department of Defense contractors. In this role, you will function as a virtual Compliance Officer for assigned clients, helping them build, maintain, and continuously improve their cybersecurity compliance programs. You will guide organizations through every phase of the compliance lifecycle—from initial gap assessments and remediation planning to audit readiness and ongoing compliance management—while providing strategic guidance on CMMC, NIST SP 800-171, DFARS, and related federal cybersecurity requirements. Primary Responsibilities - Compliance Consulting - Serve as the designated compliance advisor for assigned client organizations. - Interpret and apply: - NIST SP 800-171 - DFARS 252.204-7012 - CMMC 2.0 Level 1 & Level 2 requirements - SPRS scoring and submissions - Guide clients through gap assessments, remediation planning, implementation, and certification readiness. - Assist clients with developing and maintaining: - System Security Plans (SSPs) - Plans of Action & Milestones (POA&Ms) - Security policies and procedures - Compliance documentation and evidence - Client Success & Advisory - Conduct recurring compliance strategy meetings with clients. - Review implementation progress and validate remediation efforts. - Serve as the primary compliance contact throughout the client engagement. - Translate complex regulatory requirements into practical business and technical recommendations. - Collaborate with client leadership, IT teams, and security personnel to implement compliant solutions. - Support clients before, during, and after assessments. - Documentation & Reporting - Prepare professional assessment reports and executive summaries. - Maintain accurate compliance documentation and audit evidence. - Track compliance milestones and client deliverables. - Ensure documentation aligns with federal requirements and industry best practices. - Training & Education - Deliver cybersecurity awareness and compliance training for client personnel. - Educate organizations on evolving CMMC and NIST requirements. - Help clients understand how cybersecurity controls support their business operations. - Ongoing Compliance Management - Conduct monthly compliance reviews. - Monitor regulatory updates affecting Department of Defense contractors. - Assist clients with annual self-assessments and SPRS submissions. - Support audit readiness initiatives. - Coordinate with C3PAOs, government auditors, and other stakeholders as necessary. Qualifications - Current CMMC Certified Practitioner (CP) certification or higher - Ability to obtain CMMC CCP or CCA within 90 days if not already certified - 3+ years of experience in cybersecurity, information assurance, risk management, or compliance - Experience working with: - NIST SP 800-171 - DFARS 252.204-7012 - CMMC - Experience supporting Department of Defense contractors or federal compliance programs - Strong written and verbal communication skills - Ability to manage multiple client engagements simultaneously - Excellent organizational and project management skills Preferred Qualifications - CMMC CCP (OK If In Progress) - CMMC CCA (OK If In Progress) - Security+ - Experience working within a Managed Service Provider (MSP) - Experience serving as a vCISO or virtual Compliance Officer - Experience with vulnerability assessments, risk assessments, and security audits - Understanding of federal contracting regulations and Controlled Unclassified Information (CUI) - Familiarity with common compliance tracking platforms, ticketing systems, and remote collaboration tools Technical Knowledge - Strong knowledge of: - NIST SP 800-171 - CMMC 2.0 - DFARS cybersecurity requirements - Risk Management Frameworks - Security policies and governance - Security documentation - Risk assessments - Cybersecurity best practices - Microsoft Government Cloud (GCC/GCC High) environments (preferred) What We're Looking For - Enjoys solving complex compliance challenges. - Can confidently explain technical concepts to executive leadership. - Builds trusted relationships with clients. - Is highly organized and detail-oriented. - Thrives in a fast-paced consulting environment. - Is passionate about helping organizations improve their cybersecurity posture. Benefits - Competitive salary - Comprehensive medical, dental, and vision insurance - Company-paid Life Insurance - Company-paid Short-Term & Long-Term Disability - SIMPLE IRA retirement plan with company match - 128 hours of Paid Time Off - Paid industry certifications and continuing education - Professional development assistance - Referral bonus program - Legal services benefit - Performance bonus opportunities - Free office snacks - Outstanding team culture - Opportunity for long-term career advancement within one of the nation's premier defense cybersecurity organizations Travel Up to 25% travel may be required. Equal Opportunity Employer On Call Computer Solutions is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive workplace where every employee has the opportunity to succeed.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Monitor security events and provide technical analysis on alerts • Lead information security incidents and employee insider investigations by developing the incident response strategy, lead the execution through incident closure, while providing incident updates to key stakeholders throughout the incident • Deliver security guidance clearly and concisely for incident response and insider threat initiatives • Coordinate the building of services, capabilities, integrations, and implementations of technologies to support security operations, incident response, and insider threat • Champion, role model, and embed Samsara’s cultural principles as we scale globally and across new offices • Participate in our on-call rota covering weekends
Senior Security Engineer
Brave SoftwareWe're building a more private Internet by stopping trackers, making Web3 more accessible and reimagining advertising.
• Security reviews of Brave products • Triaging and fixing security reports • Designing and implementing security-relevant code • Penetration tests of Brave products and infrastructure
Network Security Consultant- Part Time
TufinTufin is a world leading network security policy management company, managing and automating security changes across next gen firewalls and network devices. We are a hybrid technology, supporting on/off prem and cloud services. The automation orchestration piece is what sets us apart in the market, as this allows us to help our customers to implement their security changes in hours or minutes vs. days. Since going public in April 2019, Tufin has continued to be the market leader in the space!
DescriptionTufin is building AI tools that assist network security engineers in their daily work. To do this well, we need to deeply understand what network security engineers actually do: the tasks, the decisions, the pain points, the tools they use, the systems they get their data from and the domain knowledge that defines the craft. We are looking for a senior network security engineering practitioner, who can serve as the domain authority for this initiative. You will work closely with our product managers and AI teams to define the network security engineer persona, articulate their workflows, and help design AI tools that reflect real-world expertise. What You'll Do - Define the day-to-day tasks and workflows of network security engineers in enterprises across industries such as banking, insurance, retail, manufacturing, IT, telco, and airlines -- capturing how these vary by industry and organization size. - Articulate the network security engineer persona: their goals, challenges, tools, data, decision-making patterns, and the tribal knowledge they carry. - Collaborate with product managers and AI engineers to translate domain knowledge into agent capabilities, use cases, and acceptance criteria. - Advise on the technical accuracy and real-world relevance of agent behaviors across areas including: firewall, cloud and SASE network security, policy management and rule recertification, compliance and audit readiness, vulnerability management, application connectivity and change requests, network troubleshooting, policy cleanup and security issues triage. - Review and critique agent outputs, providing expert feedback to improve precision and coverage. - Help build and validate test scenarios grounded in real enterprise environments. *** Position Type: Part-Time (50%) | 6-Month Temporary Position (with potential for extension) *** Requirements - 8+ years as a senior network engineer or network team lead at a large enterprise or service provider. - Deep hands-on expertise in firewall management (policy design, rule lifecycle, recertification, cleanup) and network security operations. - Experience working in regulated or complex environments -- ideally in a global organization providing financial services, insurance, telco, manufacturing, or a similarly demanding sector. - Strong familiarity with modern network architectures including cloud networking (AWS, Azure, GCP), SASE, SD-WAN, and hybrid environments. - Experience with leading firewall and security platforms (e.g., Palo Alto, Check Point, Fortinet, Cisco) and network security tools. - Background in compliance frameworks, vulnerability management, and change management processes as they apply to network infrastructure. - Familiarity with Tufin or competitor products is an advantage. Skills & Attributes - Exceptional written and verbal communication -- able to explain complex technical workflows to non-technical stakeholders and vice versa. - Strategic thinker who can see the big picture: how individual tasks fit into the broader operating model of a network security team. - Able to structure and document institutional knowledge in a way that can inform AI agent design. - Collaborative, curious, and comfortable working at the intersection of networking, security, and product development. - Able to work in a fast-paced environment with frequent context switching, brainstorming and experimenting. - Based in the US; familiarity with the regulatory and operational landscape in those regions is a plus.
Cyber Operations, Department of Cybersecurity - Adjunct Faculty
University of Maryland Global CampusThe University of Maryland Global Campus (UMGC), founded in 1947, is a pioneering institution dedicated to serving adult learners and military personnel worldwi
Title: Cyber Operations, Department of Cybersecurity - Adjunct Faculty Location: United States Job Description: Job Ref: 10025943 Location: Remote Category: Adjunct Faculty Type: Part time Adjunct Faculty Cyber Operations Department of Cybersecurity UMGC Stateside Location: Stateside Remote University of Maryland Global Campus (UMGC) seeks adjunct faculty to teach remotely for the Cyber Dev Operations program. Specifically, the following course(s): Foundations of Cyberspace Operations (CYOP 200): A hands-on introduction to the principles of cyberspace operations that support defensive and offensive processes. The objective is to navigate, integrate, and use popular cybersecurity tools and functions in a safe environment to detect and reduce system threats and vulnerabilities. Topics include strategic and tactical planning and guidance, security objectives for information systems, cybersecurity frameworks, security design principles, vulnerabilities and exploits, network and application security techniques, and automated tools for testing and security assessment. Reverse Engineering and Malware Analysis (CYOP 310): A lab-intensive study of reverse engineering and malware analysis techniques. The objective is to recognize, dissect, and remediate infections caused by malicious code and malware using modern tools and methodologies. Topics include malware analysis, reverse engineering, common malware patterns, assembly language, debuggers and obfuscation, and packing techniques. Cyber Operations Capstone (CYOP 495): A comprehensive project-driven study of cyber operations, network collection tactics, techniques, and procedures and reverse engineering and malware analysis with an emphasis on the proactive response to triggers or unusual activity. The objective is to use appropriate tools and techniques to monitor cyber operations. Topics include wireless and virtual networks, cryptography, network monitoring and intrusion analysis, threat hunting, and secure software engineering. Required Education and Experience - Masters degree in Cyber Operations or related field from an accredited institution of higher learning. - Professional experience in Cyber Operations or related fields. - Experience teaching adult learners online and in higher education is strongly preferred. - This position is specifically to teach online. Materials needed for submission - Resume/ Curriculum Vitae - Cover letter highly preferred - If selected, candidates with international degrees may be required to submit translation/ degree evaluation from a NACES approved Vendor. Who We Are and Who We Serve UMGC—one of 12 degree-granting institutions in the University System of Maryland (USM)—is a mission-driven institution with seven core values that guide us in all we do. At the top of the list is "Students First,” and we strive to do just that for our 90,000 students at home and abroad. From its start in 1947, UMGC has demonstrated its commitment to adult learners. We recognize that adult students need flexibility and options. UMGC is proud to be a global, 24-hour, institution of higher learning. The typical UMGC student is an adult learner juggling a career, family, and other priorities. Roughly 80% work full time, half are parents, and half are minority students. They are continuing their education to better themselves, their families, and their professional opportunities. UMGC is also a leading higher education provider to the U.S. military, enrolling 55,000 active-duty service members, reservists, National Guard members, veterans, and family members annually. We are proud of our military heritage and are committed to this service. The Adjunct Faculty Role at UMGC UMGC is committed to helping students achieve success not only with us, but also in their professional fields. As a result, we actively seek faculty members who are scholar-practitioners: professionals who are actively and successfully engaged in their field who additionally wish to help the next generation of professionals grow in their knowledge and expertise through education. Your role as an adjunct faculty member will be to: - Actively engage students through frequent interaction that motivates them to succeed, and conveys a genuine energy and enthusiasm for their learning. - Guide students in active collaboration and the application of their learning in problem- and project-based learning demonstrations. - Provide rich and regular constructive feedback, utilizing rubrics effectively for the assessment of student work, and acknowledging student accomplishments. - Demonstrate relevant and current subject-matter expertise, and help students connect concepts across their academic program. - Provide feedback to your program chair on possible curricular improvements. The Computer Networks and Cybersecurity program at UMGC Please visit the following link to learn more about this program, including its description, outcomes, and coursework: https://www.umgc.edu/online-degrees/masters/cybersecurity-technology Faculty Training at UMGC We are committed to your professional success at UMGC. Each new faculty member is required to successfully complete our online two-week new faculty orientation, FacDev 411, as a condition of hire. Position Available and will Remain Open until Filled Salary Commensurate with Experience All submissions should include a cover letter and resume. The University of Maryland Global Campus (UMGC) is an equal opportunity employer and complies with all applicable federal and state laws regarding nondiscrimination. UMGC is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, ancestry, political affiliation or veteran status in employment, educational programs and activities, and admissions. Workplace Accommodations: The University of Maryland Global Campus Global Campus (UMGC) is committed to creating and maintaining a welcoming and inclusive working environment for people of all abilities. UMGC is dedicated to the principle that no qualified individual with a disability shall, based on disability, be excluded from participation in or be denied the benefits of the services, programs, or activities of the University, or be subjected to discrimination. For information about UMGC's Reasonable Workplace Accommodation Policy or to request an accommodation, applicants/candidates can contact Employee Accommodations via email Benefits Package Highlights: - Health Coverage: Access to health care, medical with vision, dental, and prescription plans for both individuals and families, effective from the 1st of the month following your hire date. NOTE: Adjuncts are not eligible for the State of Maryland subsidized rates. Adjuncts would be responsible for the total cost if enrolled. - Insurance Options: Term Life Insurance and Accidental Death and Dismemberment Insurance. - Supplemental Retirement Plans: include 401(k), 403(b), 457(b), and various Roth options. The university does not provide matching funds. For additional information please see: SS Adjunct Faculty_2020.pdf (umgc.edu) Hiring Range by Rank and Degree: Instructor: No Terminal Degree: Step 1 $806 - Step 11 $1,050 per credit hour Assistant Adjunct Professor: No Terminal Degree Step 1 $877 - Step 11 $1,127 per credit hour Assistant Adjunct Professor: Terminal Degree Step 1 $1,023 - Step 11 $1,288 per credit hour Associate Adjunct Professor: No Terminal Degree Step 1 $947 - Step 11 $1,205 per credit hour Associate Adjunct Professor: Terminal Degree Step 1 $1,202 - Step 11 $1,483 per credit hour Adjunct Professor: No Terminal Degree Step 1 $1,023 - Step 11 $1,288 per credit hour Adjunct Professor: Terminal Degree Step 1 $1,347 - Step 11 $1,645 per credit hour



