[Remote] Cybersecurity & Compliance Analyst
Note: The job is a remote job and is open to candidates in USA. CyberSheath Services International LLC is a rapidly growing Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). As a Cybersecurity & Compliance Analyst, you will own all aspects of cybersecurity compliance for your assigned clients, lead compliance efforts, and ensure continuous compliance with industry regulations. Responsibilities β’ Own and lead all compliance efforts for assigned clients, acting as the primary advisor on cybersecurity compliance and regulatory alignment. β’ Maintain proactive communication with clients on compliance status, assessment results, and remediation Deliver regular updates through executive briefings, business reviews, and detailed reporting. β’ Lead and execute compliance assessments (e.g., DFARS, NIST 800-171, and CMMC Maturity Level 2). Perform annual assessments and ensure evidence-based control β’ Lead the implementation and continuous monitoring of compliance frameworks (e.g., NIST SP 800-171, CMMC). Develop and manage System Security Plans (SSPs) and Plans of Action & Milestones (POA&M) for clients. β’ Guide clients through internal and external audits, ensuring all necessary evidence, documentation, and artifacts are in place for successful certification. β’ Collaborate with clients to develop, update, and maintain compliance documentation, including policies, procedures, SSPs, POA&Ms, and other governance materials. β’ Ensure compliance policies and procedures aligned with NIST 800-171, CMMC, and DFARS. Provide expertise in drafting and maintaining control documentation. β’ Develop and maintain incident response plans. Conduct tabletop exercises with clients to test incident response readiness and improve incident management capabilities. β’ Perform regular risk assessments to identify compliance gaps and develop mitigation strategies. Maintain risk registers and ensure continuous improvement of compliance postures. β’ Deliver or facilitate client training programs, including basic security awareness, privileged user training, and handling of Controlled Unclassified Information (CUI). Skills β’ Broad understanding of systems and security engineering principles, including the ability to build and troubleshoot systems (e.g., servers, Active Directory) β’ Understanding of network fundamentals, cloud technologies (IaaS, PaaS, SaaS), and cybersecurity β’ Experience within the Defense Industrial Base (DIB), with expertise in assessing compliance for DIB contractors β’ Direct, hands-on experience with NIST 800-171, CMMC, DFARS 252.204-7012 β’ Must have led compliance assessments and demonstrated independent leadership of audits or regulatory β’ CMMC Certified Assessor, CISSP, CISM, or other relevant cybersecurity certifications β’ Passion for working in a challenging, fast-paced environment with a 'whatever it takes' attitude and a commitment to continuous learning and improvement β’ Excellent verbal and written communication skills β’ Ability to convey complex compliance requirements clearly to both technical and non-technical stakeholders β’ Comfortable working independently, pivoting when necessary, and raising your hand when additional resources are needed β’ Strong follow-through and reliability in meeting deadlines Company Overview β’ CyberSheath is one of the industryβs few one-stop cybersecurity compliance service providers, going beyond assessment and software licensing to solve the whole problem. It was founded in 2012, and is headquartered in Reston, Virginia, USA, with a workforce of 51-200 employees. Its website is Apply tot his job