About The Role

Ideal for IT Support or System Admin professionals looking to transition into cybersecurity and compliance. No prior compliance experience required training will be provided.

This is an entry-level to junior role designed for IT professionals looking to transition into cybersecurity and compliance. The Compliance Analyst will receive training and hands-on experience supporting CMMC compliance programs for Department of Defense contractors, including implementation, audit readiness, and ongoing compliance sustainment.

What You'll Learn In This Role

• CMMC (Cybersecurity Maturity Model Certification) framework
• NIST SP 800-171 security controls
• How to prepare organizations for compliance audits
• How to manage compliance documentation (SSPs, POA&Ms, policies)
• Security best practices in Microsoft GCC / GCC High environments
• Real-world cybersecurity operations in regulated environments

Key Responsibilities And Duties

• Assist in developing and customizing policies, procedures and other supporting documentation for clients
• Work closely with Compliance Managers and leadership to implement CMMC compliance requirements across several clients simultaneously
• Assist with client audits and assessments by providing documentation and evidence to third party auditors
• Review and validate client-provided evidence to ensure audit readiness and alignment with CMMC requirements
• Assist in reviewing configurations in Microsoft 365 GCC/GCC High and other platforms to confirm alignment with documentation
• Execute and track ongoing compliance activities to ensure continuous adherence to CMMC requirements post-assessment
• Assist with Project Management responsibilities including facilitating meetings, calls and supporting notes and activities
• Support delivery of OSIbeyond’s Compliance as a Service (CaaS) model, ensuring clients maintain continuous compliance rather than point-in-time certification
• Work within Microsoft 365 GCC / GCC High environments to validate secure configurations aligned with CMMC controls
• Other duties as assigned

Security Responsibilities

• Complete required training and maintain awareness of cybersecurity risks including insider threats and handling of regulated data.
• Treat company and client data as confidential and follow all applicable security and information protection policies.
• Follow cybersecurity procedures outlined in company policies and the employee handbook.
• Immediately report and follow incident response procedures for any suspected security incidents.

Job Qualifications

• 1–3 years of IT Support, Helpdesk, or System Administration experience
• Existing Helpdesk, System Administration or Managed IT experience including knowledge of Microsoft 365 / Entra ID and Intune
• Familiarity with common security tools including EDR / Antivirus, Vulnerability Scanning & Patch Management
• Basic understanding of CMMC and/or NIST SP 800-171 requirements
• Experience working with security policies, procedures, or compliance documentation
• Familiarity with audit preparation, evidence collection, or regulated environments
• Strong attention to detail and ability to follow structured processes
• Interest in cybersecurity, compliance, or risk management

Certifications

• CMMC Registered Practitioner (RP) – Preferred, not required
• Security+ or equivalent cybersecurity certification – Preferred

Position

• Location – Remote from the United States
• Employment Type - Full time
• Compensation - $65,000-75,000.00 DOE

Benefits

• Medical Insurance - OSIbeyond pays 75% of the premium for the Employee's base medical plan
• Vision and Dental Insurance - OSIbeyond pays 75% of the premium for the Employee's plans
• Life Insurance - OSIbeyond pays 100% of the premium for the Employee's plans
• Short Term Disability Insurance - OSIbeyond pays 100% of the premium for the Employee's plans
• 401K - OSIbeyond matches up to 4%
• PTO/Holidays - 9 paid Holidays and accrual based PTO which increases with tenure, new hires start out with 2 weeks.