CMMC Compliance Specialist (NIST SP 800-171)Job Type: Full-time
Position OverviewWe are seeking a highly qualified
CMMC Compliance Specialist to serve as a trusted compliance advisor for Department of Defense contractors. In this role, you will function as a virtual Compliance Officer for assigned clients, helping them build, maintain, and continuously improve their cybersecurity compliance programs.
You will guide organizations through every phase of the compliance lifecycle-from initial gap assessments and remediation planning to audit readiness and ongoing compliance management-while providing strategic guidance on CMMC, NIST SP 800-171, DFARS, and related federal cybersecurity requirements.
Primary ResponsibilitiesCompliance Consulting- Serve as the designated compliance advisor for assigned client organizations.
- Interpret and apply:
- NIST SP 800-171
- CMMC 2.0 Level 1 & Level 2 requirements
- SPRS scoring and submissions
- Guide clients through gap assessments, remediation planning, implementation, and certification readiness.
- Assist clients with developing and maintaining:
- System Security Plans (SSPs)
- Plans of Action & Milestones (POA&Ms)
- Security policies and procedures
- Compliance documentation and evidence
Client Success & Advisory- Conduct recurring compliance strategy meetings with clients.
- Review implementation progress and validate remediation efforts.
- Serve as the primary compliance contact throughout the client engagement.
- Translate complex regulatory requirements into practical business and technical recommendations.
- Collaborate with client leadership, IT teams, and security personnel to implement compliant solutions.
- Support clients before, during, and after assessments.
Documentation & Reporting- Prepare professional assessment reports and executive summaries.
- Maintain accurate compliance documentation and audit evidence.
- Track compliance milestones and client deliverables.
- Ensure documentation aligns with federal requirements and industry best practices.
Training & Education- Deliver cybersecurity awareness and compliance training for client personnel.
- Educate organizations on evolving CMMC and NIST requirements.
- Help clients understand how cybersecurity controls support their business operations.
Ongoing Compliance Management- Conduct monthly compliance reviews.
- Monitor regulatory updates affecting Department of Defense contractors.
- Assist clients with annual self-assessments and SPRS submissions.
- Support audit readiness initiatives.
- Coordinate with C3PAOs, government auditors, and other stakeholders as necessary.
Minimum QualificationsRequired- Current CMMC Certified Practitioner (CP) certification or higher
- Ability to obtain CMMC CCP or CCA within 90 days if not already certified
- 3+ years of experience in cybersecurity, information assurance, risk management, or compliance
- Experience working with:
- Experience supporting Department of Defense contractors or federal compliance programs
- Strong written and verbal communication skills
- Ability to manage multiple client engagements simultaneously
- Excellent organizational and project management skills
Preferred Qualifications- CMMC CCP (OK If In Progress)
- CMMC CCA (OK If In Progress)
- Security+
- Experience working within a Managed Service Provider (MSP)
- Experience serving as a vCISO or virtual Compliance Officer
- Experience with vulnerability assessments, risk assessments, and security audits
- Understanding of federal contracting regulations and Controlled Unclassified Information (CUI)
- Familiarity with common compliance tracking platforms, ticketing systems, and remote collaboration tools
Technical KnowledgeSuccessful candidates should possess strong knowledge of:
- NIST SP 800-171
- CMMC 2.0
- DFARS cybersecurity requirements
- Risk Management Frameworks
- Security policies and governance
- Security documentation
- Risk assessments
- Cybersecurity best practices
- Microsoft Government Cloud (GCC/GCC High) environments (preferred)
What We're Looking ForYou are someone who:
- Enjoys solving complex compliance challenges.
- Can confidently explain technical concepts to executive leadership.
- Builds trusted relationships with clients.
- Is highly organized and detail-oriented.
- Thrives in a fast-paced consulting environment.
- Is passionate about helping organizations improve their cybersecurity posture.
Why Join On Call Computer Solutions?- Competitive salary
- Comprehensive medical, dental, and vision insurance
- Company-paid Life Insurance
- Company-paid Short-Term & Long-Term Disability
- SIMPLE IRA retirement plan with company match
- 128 hours of Paid Time Off
- Paid industry certifications and continuing education
- Professional development assistance
- Referral bonus program
- Legal services benefit
- Performance bonus opportunities
- Free office snacks
- Outstanding team culture
- Opportunity for long-term career advancement within one of the nation's premier defense cybersecurity organizations
Travel- Up to 25% travel may be required.