[Remote] Compliance Consultant

Note: The job is a remote job and is open to candidates in USA. CompliancyIT is a fast-growing IT Services, Security, and Compliance Company. They are seeking a Jr. Compliance Consultant to support the Compliance Team by building, implementing, and improving Cybersecurity Compliance Programs tailored to clients' needs, focusing on NIST 800-171/CMMC. Responsibilities Support the Compliance Team building, implementing, and continuously improving Cybersecurity Compliance Programs Coordinate client meetings Evaluate control implementation Author governance documentation such as Policies and Plans Prepare materials for meetings Support during Gap Assessments Analyze results of Gap Assessments to ensure both technical and operational controls are in place and effective Skills Minimum 1 year of experience in cybersecurity, compliance consulting, GRC, or related field Strong working knowledge of NIST 800-171 & CMMC (required) Familiarity with the following frameworks favored: NIST Cybersecurity Framework (CSF), CIS Controls (v8), ISO 27001 Familiarity with FAR/DFARS, FedRAMP, and government contracting environments Understanding of both technical implementations (e.g., SIEM, MFA, secure baselines) and operational processes (e.g., policy enforcement, user access reviews) Strong project management skills—able to move multiple engagements forward concurrently Strong organizational skills – able to keep track of disparate information across multiple clients Technical knowledge: Understand the technical intent of 800-171 controls and determine appropriate responses, Ability to see technical gaps in an IT environment Proficient in Word, SharePoint, Excel Experience working in GRC Tools Willingness to achieve CMMC Certified Professional (if not already certified) and other IT Audit or IT Risk Certificates Benefits 401(k) matching Dental insurance Flexible schedule Health insurance Paid time off Vision insurance Company Overview You are about to TRUST someone with one of the most important operational decisions for your business: Who should you give the authority to access, maintain and manage your company’s critical data and IT systems? This decision, if mishandled or granted to the wrong person, could turn into a number of time-consuming, costly and irritating problems for you, including endless technical “glitches,” extended downtime, errors, slowness and possibly even critical data loss or security breaches. It was founded in 2006, and is headquartered in Greensburg, Pennsylvania, USA, with a workforce of 11-50 employees. Its website is