Cybersecurity/Compliance Analyst

Position: Cybersecurity/Compliance Analyst

Work Location: Onsite, Belcamp, MD, Orlando, FL, Camden, AR, Fullerton, CA, Santa Clarita, CA, Rustburg, VA.

Daily schedule: 40 hours per week, standard business hours

Expected Pay Rate:

Start: ASAP

Notes: No C2C, must be US Citizen.

Summary:
We are seeking a detail-oriented Compliance Analyst to support compliance documentation, gap assessments, and day-to-day tasks required forCMMC audit readiness. This role will focus on managing the lifecycle of documentation, ensuring changes are properly tracked, validated, and aligned with regulatory requirements.

• Perform control gap assessments against CMMC and NIST SP 800-171 frameworks, identifying areas for remediation.
• Document findings, prepare remediation recommendations, and track progress through Plan of Action & Milestones (POA&M).
• Draft, update, and maintain policies, procedures, training materials, and System Security Plan (SSP) documentation.
• Collect, organize, and manage evidence artifacts for internal and external audits, ensuring traceability and completeness.
• Maintain version control and change tracking for all compliance-related documentation, ensuring updates follow established review and approval workflows.
• Collaborate with IT, security, and compliance teams to ensure documentation reflects current system configurations and control implementations.
• Prepare and execute IT audit programs covering access control, change management, and application controls.
• Support the development of knowledge bases and repositories for audit readiness, including FAQs, process guides, and compliance checklists.
• Ensure documentation aligns with evolving CMMC, DFARS, and DoD requirements and supports continuous improvement efforts.
• Facilitate communication between technical teams and auditors by translating technical changes into clear, audit-ready documentation.
• Monitor and report on documentation status, gaps, and readiness metrics to leadership.

Qualifications:

• 3–5 years of experience in cybersecurity, IT compliance, or documentation management.
• Familiarity with CMMC, NIST SP 800-171, and DFARS frameworks.
• Strong skills in technical writing, documentation lifecycle management, and compliance reporting.
• Experience with audit preparation, evidence collection, and policy/procedure development.
• Proficiency with documentation tools (e.g., SharePoint, Confluence, Microsoft Word/Excel).

Certifications preferred:

• Security+ (baseline)
• CISSP, CISA, or equivalent
• Excellent communication and organizational skills, with attention to detail and accuracy.

At Idea Entity, our culture is centered around diversity and inclusion where our employees are valued and empowered. We are an Equal Opportunity Employer and employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.