CMMC / NIST Consultant / Analyst

Hotman Group LLC

$80K — $120K *
US-AnywhereRemote in Fort Worth, TX
Technical Services
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3 to 5 years of relevant experience in GRC, cybersecurity compliance, or consulting
  • Hands-on CMMC experience is essential
  • Experience developing System Security Plans and compliance documentation
  • Familiarity with NIST SP 800-171, NIST SP 800-53, and FedRAMP
  • Strong writing and documentation skills for client-ready deliverables
  • Ability to manage client interactions and maintain project momentum
  • Professionalism and strong organization in client-facing situations

Responsibilities

  • Support client engagements for CMMC readiness and implementation
  • Develop, update, and maintain System Security Plans
  • Assist with NIST documentation and control mapping deliverables
  • Gather and review evidence for control implementation
  • Support CUI scoping and enclave design discussions
  • Draft and refine compliance policies and procedures
  • Identify gaps and support development of remediation tracking plans
  • Work with client stakeholders to facilitate information gathering
  • Participate in peer review of compliance deliverables

Benefits

  • Flexible work structure allowing part-time or full-time hours based on project needs
  • Remote consulting environment offers work-from-home flexibility
  • Opportunity to engage directly with clients and take ownership of deliverables
  • Participation in a straightforward yet rigorous hiring and assessment process
Full Job Description
About the Role

We are looking for a mid-level CMMC and NIST practitioner who can step into active client delivery work, produce strong documentation, and help move projects forward without a lot of hand-holding.

This is a contract role that may be structured as part-time or full-time based on project needs and candidate availability.

What You Will Do

As a CMMC / NIST Consultant Analyst at Hotman Group you will contribute directly to active client engagements involving federal compliance frameworks. You will:
  • Support client engagements related to CMMC readiness, implementation, and documentation
  • Develop, update, and maintain System Security Plans
  • Assist with NIST SP 800-171, NIST SP 800-53, and FedRAMP documentation, control mapping, and related deliverables
  • Gather, organize, and review evidence supporting control implementation
  • Support CUI scoping discussions, boundary definition, and enclave design
  • Draft and refine control narratives, policies, procedures, and related compliance documentation
  • Identify gaps and support development of POA&Ms and remediation tracking
  • Work directly with client stakeholders to collect information, validate details, and keep deliverables moving
  • Contribute to readiness efforts tied to assessments, documentation, and ongoing compliance activities
  • Participate in peer review of deliverables before they go to clients - your work will be reviewed and you will review others

This is hands-on delivery work in a remote consulting environment. You will be expected to step into active projects and contribute from day one.

What You Bring
  • 3 to 5 years of relevant experience in GRC, cybersecurity compliance, or related consulting work
  • Hands-on experience with CMMC-related work -- this is required, not a nice to have
  • Direct experience developing or contributing to System Security Plans, evidence collection, remediation documentation, and compliance policies -- also required
  • Familiarity with NIST SP 800-171, NIST SP 800-53, and FedRAMP
  • Strong writing and documentation skills -- your deliverables are clear, accurate, and do not require heavy editing before they go to a client
  • The ability to work directly with client stakeholders, gather information, manage follow-through, and keep work moving
  • Strong organization and professionalism in a client-facing environment
  • Comfort stepping into projects that are already in motion and contributing independently with minimal ramp-up time
  • A default toward communication - you keep the team informed, you acknowledge quickly, and you do not go dark on a deliverable or a client

Experience supporting CMMC Level 2 efforts, CUI scoping, enclaves, or boundary discussions is a strong plus. Familiarity with POA&Ms, assessment readiness, and control crosswalks is also valued.

Active certifications such as CCP, CCA, CISSP, CISM, or CISA are preferred. If you do not currently hold a relevant certification, we expect you to be actively pursuing one.

This role requires direct accountability for work product and outcomes. If your CMMC or NIST experience has been primarily observational or in a support capacity without ownership of documentation or deliverables, this role will be a significant adjustment.

Requirements
  • Permanent authorization to work in the U.S. -- no sponsorship of any kind now or in the future
  • Able to pass a background check
  • Reliable high-speed internet and a secure, private remote workspace


Our Hiring Process

Our process is designed to be straightforward but rigorous. In addition to a written questionnaire and video responses, finalists will complete a practical skills assessment before advancing to a panel interview with our delivery team. The assessment reflects the type of work you will do on active client engagements. If you are confident in your CMMC and NIST expertise, this is your opportunity to show it.

No phone calls or emails please.

Similar Jobs

More Jobs at Hotman Group LLC

More Technical Services Jobs

Find similar CMMC / NIST Consultant / Analyst jobs: