[Remote] Cybersecurity & Compliance Analyst

Note: The job is a remote job and is open to candidates in USA. CyberSheath Services International LLC is a rapidly growing Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). As a Cybersecurity & Compliance Analyst, you will own all aspects of cybersecurity compliance for your assigned clients, lead compliance efforts, and ensure continuous compliance with industry regulations. Responsibilities • Own and lead all compliance efforts for assigned clients, acting as the primary advisor on cybersecurity compliance and regulatory alignment. • Maintain proactive communication with clients on compliance status, assessment results, and remediation Deliver regular updates through executive briefings, business reviews, and detailed reporting. • Lead and execute compliance assessments (e.g., DFARS, NIST 800-171, and CMMC Maturity Level 2). Perform annual assessments and ensure evidence-based control • Lead the implementation and continuous monitoring of compliance frameworks (e.g., NIST SP 800-171, CMMC). Develop and manage System Security Plans (SSPs) and Plans of Action & Milestones (POA&M) for clients. • Guide clients through internal and external audits, ensuring all necessary evidence, documentation, and artifacts are in place for successful certification. • Collaborate with clients to develop, update, and maintain compliance documentation, including policies, procedures, SSPs, POA&Ms, and other governance materials. • Ensure compliance policies and procedures aligned with NIST 800-171, CMMC, and DFARS. Provide expertise in drafting and maintaining control documentation. • Develop and maintain incident response plans. Conduct tabletop exercises with clients to test incident response readiness and improve incident management capabilities. • Perform regular risk assessments to identify compliance gaps and develop mitigation strategies. Maintain risk registers and ensure continuous improvement of compliance postures. • Deliver or facilitate client training programs, including basic security awareness, privileged user training, and handling of Controlled Unclassified Information (CUI). Skills • Broad understanding of systems and security engineering principles, including the ability to build and troubleshoot systems (e.g., servers, Active Directory) • Understanding of network fundamentals, cloud technologies (IaaS, PaaS, SaaS), and cybersecurity • Experience within the Defense Industrial Base (DIB), with expertise in assessing compliance for DIB contractors • Direct, hands-on experience with NIST 800-171, CMMC, DFARS 252.204-7012 • Must have led compliance assessments and demonstrated independent leadership of audits or regulatory • CMMC Certified Assessor, CISSP, CISM, or other relevant cybersecurity certifications • Passion for working in a challenging, fast-paced environment with a 'whatever it takes' attitude and a commitment to continuous learning and improvement • Excellent verbal and written communication skills • Ability to convey complex compliance requirements clearly to both technical and non-technical stakeholders • Comfortable working independently, pivoting when necessary, and raising your hand when additional resources are needed • Strong follow-through and reliability in meeting deadlines Company Overview • CyberSheath is one of the industry’s few one-stop cybersecurity compliance service providers, going beyond assessment and software licensing to solve the whole problem. It was founded in 2012, and is headquartered in Reston, Virginia, USA, with a workforce of 51-200 employees. Its website is https://cybersheath.com/.