CMMC Technical Analyst

The CMMC Technical Analyst is responsible for supporting the protection and management of Controlled Unclassified Information (CUI) and ensuring compliance with CMMC best practices. This role provides advanced technical support, contributes to cybersecurity projects, and maintains compliance documentation and evidence repositories to support audit readiness.

Essential Job Duties

Technical & Operational Support

• Provide Level 2 technical support, including in‑depth diagnostics, root‑cause analysis, system configuration, and network troubleshooting.
• Maintain accurate hardware and software inventory.
• Maintain and update the help desk application to support activity tracking and reporting.
• Ensure all IT operations support corporate objectives and cybersecurity requirements.

CUI Management & Compliance

• Maintain proficiency in CUI handling requirements and ensure compliance with all applicable regulations.
• Monitor changes in federal cybersecurity laws, standards, and frameworks related to CUI protection.
• Ensure organizational policies reflect current regulatory and contractual obligations.

Frameworks & Standards

• Demonstrate expert knowledge of NIST standards, including NIST SP 800‑171.
• Apply expert understanding of CMMC 2.0 requirements to support compliance initiatives.
• Implement and optimize programs aligned with NIST SP 800‑171, CMMC, FedRAMP, and related frameworks.

Documentation & Audit Readiness

• Develop and maintain System Security Plans (SSPs), POA&Ms, and other compliance artifacts.
• Maintain evidence repositories, compliance dashboards, and control libraries.
• Analyze audit findings and continuous monitoring data to assess impacts on cybersecurity maturity.
• Lead drafting, revision, and lifecycle management of IT policies, procedures, and memos.

Risk, Monitoring & Detection

• Perform risk assessments, vulnerability analyses, threat modeling, and control testing.
• Demonstrate proficiency with SIEM platforms, supporting log analysis and monitoring.
• Support continuous monitoring activities to detect threats, including insider threat indicators.

Cloud, Automation & Systems

• Demonstrate proficiency with Government Cloud environments (e.g., GCC High, GovCloud).
• Utilize automation and scripting to streamline compliance and operational processes.
• Assist the Systems and Network Manager with cybersecurity projects and implementations.

Collaboration & Communication

• Collaborate with business units to ensure systems, services, and vendors comply with safeguarding requirements.
• Translate complex technical and compliance information into clear, actionable guidance for non‑technical stakeholders.
• Train and assist IT support specialists on cybersecurity policies and compliance requirements.

General Responsibilities

• Adhere to internal IT procedures and recommend improvements as needed.
• Follow all company safety and quality standards.
• Maintain a clean, safe, and organized work environment.
• Perform other related duties as assigned.

Security & Compliance Requirements

• Must be a U.S. Person as defined by ITAR (U.S. citizen, lawful permanent resident, or protected individual).
• Must meet eligibility requirements for access to Controlled Unclassified Information (CUI).
• Must pass all required background screenings.

Qualifications

• Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related discipline.
• Must be a U.S. citizen and able to pass a background check.
• Minimum of 5 years of experience in Cybersecurity, Security Analysis, or a related field.
• Industry-recognized certifications preferred, such as CISM, CASP+, CISSP, CISA, Security+, or equivalent credentials.
• Strong proficiency in English, with the ability to speak, read, and write at a professional level.

Work Environment & Additional Requirements

• Occasional travel may be required.
• Availability for after‑hours support during critical compliance activities.
• Prolonged periods of sitting and computer use.
• Occasional lifting of up to 25 lbs.

Please note: This position is fully onsite at our corporate office. Applicants must be able to attend an in‑person interview and work onsite.