Compliance Analyst

About the

Role:

Ideal for IT Support or System Admin professionals looking to transition into cybersecurity and compliance. No prior compliance experience required training will be provided. This is an entry-level to junior role designed for IT professionals looking to transition into cybersecurity and compliance. The Compliance Analyst will receive training and hands-on experience supporting CMMC compliance programs for Department of Defense contractors, including implementation, audit readiness, and ongoing compliance sustainment. What You'll Learn in

This Role:

CMMC (Cybersecurity Maturity Model Certification) framework

NIST SP 800-171

security controls How to prepare organizations for compliance audits How to manage compliance documentation (SSPs, POA&Ms, policies) Security best practices in Microsoft

GCC / GCC

High environments Real-world cybersecurity operations in regulated environments

Key Responsibilities and Duties:

Assist in developing and customizing policies, procedures and other supporting documentation for clients Work closely with Compliance Managers and leadership to implement CMMC compliance requirements across several clients simultaneously Assist with client audits and assessments by providing documentation and evidence to third party auditors Review and validate client-provided evidence to ensure audit readiness and alignment with CMMC requirements Assist in reviewing configurations in Microsoft 365 GCC/GCC High and other platforms to confirm alignment with documentation Execute and track ongoing compliance activities to ensure continuous adherence to CMMC requirements post-assessment Assist with Project Management responsibilities including facilitating meetings, calls and supporting notes and activities Support delivery of OSIbeyond's Compliance as a Service (CaaS) model, ensuring clients maintain continuous compliance rather than point-in-time certification Work within Microsoft 365 GCC / GCC High environments to validate secure configurations aligned with CMMC controls Other duties as assigned Security Responsibilities Complete required training and maintain awareness of cybersecurity risks including insider threats and handling of regulated data. Treat company and client data as confidential and follow all applicable security and information protection policies. Follow cybersecurity procedures outlined in company policies and the employee handbook. Immediately report and follow incident response procedures for any suspected security incidents.

Job Qualifications:

1-3 years of IT Support, Helpdesk, or System Administration experience Existing Helpdesk, System Administration or Managed IT experience including knowledge of Microsoft 365 / Entra ID and Intune Familiarity with common security tools including EDR / Antivirus, Vulnerability Scanning & Patch Management Basic understanding of CMMC and/or

NIST SP 800-171

requirements Experience working with security policies, procedures, or compliance documentation Familiarity with audit preparation, evidence collection, or regulated environments Strong attention to detail and ability to follow structured processes Interest in cybersecurity, compliance, or risk management Certifications CMMC Registered Practitioner (RP)

• Preferred, not required Security+ or equivalent cybersecurity certification

• Preferred Position:

  Location
• Rockville, MD
• Hybrid eligible, not to exceed 1-day WFH. Employment Type
• Full time Compensation
• $65,000-75,000.

00

DOE Benefits:

Medical Insurance

• OSIbeyond pays 75% of the premium for the Employee's base medical plan Vision and Dental Insurance
• OSIbeyond pays 75% of the premium for the Employee's plans Life Insurance
• OSIbeyond pays 100% of the premium for the Employee's plans Short Term Disability Insurance
• OSIbeyond pays 100% of the premium for the Employee's plans 401K
• OSIbeyond matches up to 4% PTO/Holidays
• 9 paid Holidays and accrual based PTO which increases with tenure, new hires start out with 2 weeks. Compliance Analyst Rockville, MD 20852 Hybrid work $65,000
• $75,000 a year
• Full-time $65,000
• $75,000 a year
• Full-time About the

Role:

Ideal for IT Support or System Admin professionals looking to transition into cybersecurity and compliance. No prior compliance experience required training will be provided. This is an entry-level to junior role designed for IT professionals looking to transition into cybersecurity and compliance. The Compliance Analyst will receive training and hands-on experience supporting CMMC compliance programs for Department of Defense contractors, including implementation, audit readiness, and ongoing compliance sustainment. What You'll Learn in

This Role:

CMMC (Cybersecurity Maturity Model Certification) framework

NIST SP 800-171

security controls How to prepare organizations for compliance audits How to manage compliance documentation (SSPs, POA&Ms, policies) Security best practices in Microsoft

GCC / GCC

High environments Real-world cybersecurity operations in regulated environments

Key Responsibilities and Duties:

Assist in developing and customizing policies, procedures and other supporting documentation for clients Work closely with Compliance Managers and leadership to implement CMMC compliance requirements across several clients simultaneously Assist with client audits and assessments by providing documentation and evidence to third party auditors Review and validate client-provided evidence to ensure audit readiness and alignment with CMMC requirements Assist in reviewing configurations in Microsoft 365 GCC/GCC High and other platforms to confirm alignment with documentation Execute and track ongoing compliance activities to ensure continuous adherence to CMMC requirements post-assessment Assist with Project Management responsibilities including facilitating meetings, calls and supporting notes and activities Support delivery of OSIbeyond's Compliance as a Service (CaaS) model, ensuring clients maintain continuous compliance rather than point-in-time certification Work within Microsoft 365 GCC / GCC High environments to validate secure configurations aligned with CMMC controls Other duties as assigned Security Responsibilities Complete required training and maintain awareness of cybersecurity risks including insider threats and handling of regulated data. Treat company and client data as confidential and follow all applicable security and information protection policies. Follow cybersecurity procedures outlined in company policies and the employee handbook. Immediately report and follow incident response procedures for any suspected security incidents.

Job Qualifications:

1-3 years of IT Support, Helpdesk, or System Administration experience Existing Helpdesk, System Administration or Managed IT experience including knowledge of Microsoft 365 / Entra ID and Intune Familiarity with common security tools including EDR / Antivirus, Vulnerability Scanning & Patch Management Basic understanding of CMMC and/or

NIST SP 800-171

requirements Experience working with security policies, procedures, or compliance documentation Familiarity with audit preparation, evidence collection, or regulated environments Strong attention to detail and ability to follow structured processes Interest in cybersecurity, compliance, or risk management Certifications CMMC Registered Practitioner (RP)

• Preferred, not required Security+ or equivalent cybersecurity certification

• Preferred Position:

  Location
• Rockville, MD
• Hybrid eligible, not to exceed 1-day WFH. Employment Type
• Full time Compensation
• $65,000-75,000.

00

DOE Benefits:

Medical Insurance

• OSIbeyond pays 75% of the premium for the Employee's base medical plan Vision and Dental Insurance
• OSIbeyond pays 75% of the premium for the Employee's plans Life Insurance
• OSIbeyond pays 100% of the premium for the Employee's plans Short Term Disability Insurance
• OSIbeyond pays 100% of the premium for the Employee's plans 401K
• OSIbeyond matches up to 4% PTO/Holidays
• 9 paid Holidays and accrual based PTO which increases with tenure, new hires start out with 2 weeks.