Job description
Position: Cybersecurity/Compliance Analyst
Work Location: Onsite, Belcamp, MD, Orlando, FL, Camden, AR, Fullerton, CA, Santa Clarita, CA, Rustburg, VA.
Daily schedule: 40 hours per week, standard business hours
Expected Pay Rate:
Start: ASAP
Notes: No C2C, must be US Citizen.
Summary:
We are seeking a detail-oriented Compliance Analyst to support compliance documentation, gap assessments, and day-to-day tasks required for CMMC audit readiness. This role will focus on managing the lifecycle of documentation, ensuring changes are properly tracked, validated, and aligned with regulatory requirements.
• Perform control gap assessments against CMMC and NIST SP 800-171 frameworks, identifying areas for remediation.
• Document findings, prepare remediation recommendations, and track progress through Plan of Action & Milestones (POA&M) .
• Draft, update, and maintain policies, procedures, training materials , and System Security Plan (SSP) documentation.
• Collect, organize, and manage evidence artifacts for internal and external audits, ensuring traceability and completeness.
• Maintain version control and change tracking for all compliance-related documentation, ensuring updates follow established review and approval workflows.
• Collaborate with IT, security, and compliance teams to ensure documentation reflects current system configurations and control implementations.
• Prepare and execute IT audit programs covering access control, change management, and application controls.
• Support the development of knowledge bases and repositories for audit readiness, including FAQs, process guides, and compliance checklists.
• Ensure documentation aligns with evolving CMMC , DFARS , and DoD requirements and supports continuous improvement efforts.
• Facilitate communication between technical teams and auditors by translating technical changes into clear, audit-ready documentation.
• Monitor and report on documentation status, gaps, and readiness metrics to leadership.
Qualifications:
• 3–5 years of experience in cybersecurity, IT compliance, or documentation management.
• Familiarity with CMMC , NIST SP 800-171 , and DFARS frameworks.
• Strong skills in technical writing , documentation lifecycle management , and compliance reporting .
• Experience with audit preparation , evidence collection, and policy/procedure development.
• Proficiency with documentation tools (e.g., SharePoint, Confluence, Microsoft Word/Excel).
• Knowledge of Microsoft D365
• Certifications preferred : Security+ (baseline), and CISSP , CISA , or equivalent
• Excellent communication and organizational skills, with attention to detail and accuracy.
At Idea Entity, our culture is centered around diversity and inclusion where our employees are valued and empowered. We are an Equal Opportunity Employer and employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
Requirements
• 3–5 years of experience in cybersecurity, IT compliance, or documentation management
• Familiarity with CMMC , NIST SP 800-171 , and DFARS frameworks
• Strong skills in technical writing , documentation lifecycle management , and compliance reporting
• Experience with audit preparation , evidence collection, and policy/procedure development
• Proficiency with documentation tools (e.g., SharePoint, Confluence, Microsoft Word/Excel)
• Knowledge of Microsoft D365
• Excellent communication and organizational skills, with attention to detail and accuracy
