Compliance Analyst

About the Role:

Ideal for IT Support or System Admin professionals looking to transition into cybersecurity and compliance. No prior compliance experience required training will be provided. 

This is an entry-level to junior role designed for IT professionals looking to transition into cybersecurity and compliance. The Compliance Analyst will receive training and hands-on experience supporting CMMC compliance programs for Department of Defense contractors, including implementation, audit readiness, and ongoing compliance sustainment.

What You'll Learn in This Role:

• CMMC (Cybersecurity Maturity Model Certification) framework


• NIST SP 800-171 security controls


• How to prepare organizations for compliance audits


• How to manage compliance documentation (SSPs, POA&Ms, policies)


• Security best practices in Microsoft GCC / GCC High environments


• Real-world cybersecurity operations in regulated environments

Key Responsibilities and Duties: 

• Assist in developing and customizing policies, procedures and other supporting documentation for clients


• Work closely with Compliance Managers and leadership to implement CMMC compliance requirements across several clients simultaneously


• Assist with client audits and assessments by providing documentation and evidence to third party auditors


• Review and validate client-provided evidence to ensure audit readiness and alignment with CMMC requirements


• Assist in reviewing configurations in Microsoft 365 GCC/GCC High and other platforms to confirm alignment with documentation


• Execute and track ongoing compliance activities to ensure continuous adherence to CMMC requirements post-assessment


• Assist with Project Management responsibilities including facilitating meetings, calls and supporting notes and activities


• Support delivery of OSIbeyond’s Compliance as a Service (CaaS) model, ensuring clients maintain continuous compliance rather than point-in-time certification


• Work within Microsoft 365 GCC / GCC High environments to validate secure configurations aligned with CMMC controls


• Other duties as assigned

Security Responsibilities

• Complete required training and maintain awareness of cybersecurity risks including insider threats and handling of regulated data.


• Treat company and client data as confidential and follow all applicable security and information protection policies.


• Follow cybersecurity procedures outlined in company policies and the employee handbook.


• Immediately report and follow incident response procedures for any suspected security incidents.
  

Job Qualifications:

• 1–3 years of IT Support, Helpdesk, or System Administration experience


• Existing Helpdesk, System Administration or Managed IT experience including knowledge of Microsoft 365 / Entra ID and Intune


• Familiarity with common security tools including EDR / Antivirus, Vulnerability Scanning & Patch Management


• Basic understanding of CMMC and/or NIST SP 800-171 requirements


• Experience working with security policies, procedures, or compliance documentation


• Familiarity with audit preparation, evidence collection, or regulated environments


• Strong attention to detail and ability to follow structured processes


• Interest in cybersecurity, compliance, or risk management

Certifications

• CMMC Registered Practitioner (RP) – Preferred, not required


• Security+ or equivalent cybersecurity certification – Preferred
  

Position:

• Location – Rockville, MD –Hybrid eligible, not to exceed 1-day WFH.


• Employment Type - Full time 


• Compensation - $65,000-75,000.00 DOE

Benefits:

• Medical Insurance - OSIbeyond pays 75% of the premium for the Employee's base medical plan


• Vision and Dental Insurance - OSIbeyond pays 75% of the premium for the Employee's plans


• Life Insurance - OSIbeyond pays 100% of the premium for the Employee's plans


• Short Term Disability Insurance - OSIbeyond pays 100% of the premium for the Employee's plans


• 401K - OSIbeyond matches up to 4%


• PTO/Holidays - 9 paid Holidays and accrual based PTO which increases with tenure, new hires start out with 2 weeks.