Defense Contracting CMMC and Cyber Security

The CMMC & Cybersecurity Specialist is responsible for ensuring the organization meets all Cybersecurity Maturity Model Certification (CMMC) requirements and maintains a strong cybersecurity posture in support of Department of Defense (DoD) contract readiness. This role oversees the development, implementation, and continuous improvement of the company’s cybersecurity compliance program by conducting gap analyses, readiness assessments, and internal audits aligned with CMMC, NIST SP 800-171, and associated DoD regulations. The specialist maintains core documentation such as System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), incident response procedures, and other compliance records while working closely with IT, operations, engineering, and leadership teams to implement technical and administrative security controls.

ABOUT THE JOB

The CMMC Specialist will play a central role in driving the organization’s Cybersecurity Maturity Model Certification (CMMC) compliance efforts while supporting select cybersecurity initiatives across the company. Working closely with the Director of Corporate Security, this individual will help lead the IT department in understanding, implementing, and maintaining the controls required for CMMC—primarily NIST SP 800-171—ensuring the protection of Controlled Unclassified Information (CUI) and readiness for DoD assessments. The specialist will maintain core compliance documentation such as the System Security Plan (SSP) and POA&M, conduct internal readiness reviews, coordinate with technical teams to verify that security controls are correctly applied, and prepare the organization for third-party (C3PAO) audits. In addition to compliance responsibilities, the role will support limited cybersecurity functions, such as assisting with policy development, monitoring basic security practices, and reinforcing user awareness and training. The ideal candidate is detail-oriented, collaborative, and able to translate CMMC requirements into practical steps for IT and organizational leadership, ensuring a unified approach to both compliance and foundational cybersecurity hygiene.

RESPONSIBILITIES✨

• Ensure the organization meets all Cybersecurity Maturity Model Certification (CMMC) requirements and maintains a strong cybersecurity posture for DoD contract readiness.
• Oversee the development, implementation, and continuous improvement of the company's cybersecurity compliance program.
• Conduct gap analyses, readiness assessments, and internal audits aligned with CMMC, NIST SP 800-171, and associated DoD regulations.
• Maintain core documentation such as System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), incident response procedures, and other compliance records.
• Work closely with IT, operations, engineering, and leadership teams to implement technical and administrative security controls.

QUALIFICATIONS✨

• Ability to conduct internal readiness reviews and coordinate with technical teams to verify that security controls are correctly applied.
• Prepare the organization for third-party (C3PAO) audits.
• Support limited cybersecurity functions such as assisting with policy development, monitoring basic security practices, and reinforcing user awareness and training.

BENEFITS✨

• Upon successful completion of the program, the candidate will earn a Certified CMMC Professional (CCP) Certification.

OTHER

Upon successful completion of the program, the candidate will earn a Certified CMMC Professional (CCP) Certification, demonstrating validated expertise in CMMC requirements and readiness to support organizational compliance efforts.