CyberSheath Services International LLC is a rapidly growing Managed Services Provider primarily focused on providing CMMC Compliance and Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add to our team!   

CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and, in fact, may weaken an organization’s security posture. Our professionals advise clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security.    

Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Confident, ‘doers’ who ‘get the job done’ and strive to ‘do the right thing, even when no one is looking’ are the types of candidates who thrive in our culture.  Additionally, our most successful team members are self-starters and willing to put on many hats to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory.   

We are seeking a Compliance Engineer who will be responsible for implementing and maintaining the technical security controls required under the Cybersecurity Maturity Model Certification (CMMC). This individual will work in close partnership with our dedicated compliance team to ensure that our organization and our clients adhere to all relevant standards, frameworks, and best practices.  

As the CMMC Compliance-Focused Engineer, you will be both a strategic partner and a hands-on contributor—collecting evidence of compliant work, configuring IT/security systems, and guiding internal teams on best practices. You will also interface directly with our clients, supporting formal CMMC audits and providing expert input on technical compliance measures.  

Key Responsibilities  

CMMC Implementation & Maintenance  

• Implement, configure, and maintain security controls in line with CMMC requirements (e.g., GPOs, M365 tenant hardening, Intune, Conditional Access, Defender for Endpoint, SIEM).  

• Collaborate with internal and external stakeholders to ensure ongoing compliance with CMMC standards.  

• Serve as the internal subject matter expert on CMMC-related technical questions and processes.  

Technical Configuration & Operations  

• Design and deploy secure configurations for Microsoft 365, Azure, Azure Virtual Desktop, and the Microsoft Defender XDR suite.  

• Manage security baselines, conditional access policies, and monitoring/alerting configurations.  

• Coordinate with IT operations and security teams to remediate vulnerabilities and align with compliance objectives.  

Hands-On Infrastructure & Security Tools  

• Utilize Active Directory, firewalls, and related security or network tools to ensure compliance and gather logs/artifacts as evidence.  

• Demonstrate the ability to log in, review configurations, and interpret outputs (e.g., system events, access logs, firewall logs) to support compliance documentation.  

• Work with cross-functional teams to update and maintain security configurations that align with CMMC requirements.  

Compliance Evidence & Artifact Collection  

• Gather, document, and maintain the artifacts necessary to demonstrate compliance (system configurations, implementation records, access control logs, and related evidence).  

• Collaborate with cross-functional teams (IT, Security, DevOps) to validate and record operational and security processes in compliance with CMMC.  

Audit Support & Client Engagement  

• Provide expert guidance and support during client-facing CMMC audits, which may include up to 25% travel.  

• Communicate technical aspects of CMMC controls and remediation strategies clearly to both technical and non-technical audiences.  

• Represent the organization’s CMMC posture to external auditors, clients, and partners.  

Flexible Schedule & After-Hours Work  

• Execute security or IT controls that must take place outside standard business hours (e.g., evenings or weekends) to minimize disruption to production environments.  

• Coordinate with relevant teams to schedule and perform critical updates or implementations that require off-peak windows.  

• Document changes, communicate outcomes, and ensure smooth transitions back to normal operations.  

Continuous Improvement & Collaboration  

• Stay current on emerging threats, security trends, and CMMC updates; integrate these insights into ongoing compliance efforts.  

• Work closely with the dedicated compliance function to define, refine, and improve internal processes that align with CMMC requirements.  

• Identify opportunities to streamline technical controls, automate evidence collection, and enhance security posture.  

Qualifications & Skills  

Required Experience:  

• Proven experience (3–5+ years) in implementing and managing technical security controls in Microsoft-focused environments.  

• Hands-on experience with:  

• • Microsoft 365 Administration & Security (tenant hardening, identity & access management, conditional access)  

• • Azure & Azure Virtual Desktop (security configuration, monitoring, role-based access control)  

• • Microsoft Defender XDR Suite (Defender for Endpoint, Defender for Office 365, etc.)  

• • Group Policy Objects (GPOs) and Intune for device and application management  

• • Active Directory (managing user/groups, reviewing logs, applying group policies)  

• • Firewalls (configuring rules, reviewing logs, interpreting firewall outputs)  

• Demonstrated track record of working with CMMC controls or similar regulatory/compliance frameworks (e.g., NIST 800-171, DFARS).  

• Strong understanding of SIEM tools and security incident management workflows.  

Technical & Professional Skills:  

• Excellent written and verbal communication skills, with the ability to present technical concepts to diverse audiences.  

• Proficiency in scripting or automating compliance evidence gathering (e.g., PowerShell) is a plus.  

• Strong organizational and project management skills, with an emphasis on attention to detail and follow-through.  

• Ability to work independently as well as collaboratively in a cross-functional team environment.  

• Willingness to work outside normal business hours when required.  

Certifications (Preferred):  

• Security+, CISSP, CISM, or similar professional security certifications.  

• Microsoft 365 and/or Azure certifications (e.g., MS-500, AZ-500) highly desirable.  

• Any CMMC-specific certifications or proven training credentials.  

Soft Skills:  

• Customer-focused mindset and client-facing experience.  

• Ability to balance technical depth with broader compliance and business considerations.  

• Self-starter with a proactive approach to identifying and solving compliance challenges.  

Work Environment   

• 100% Remote work environment with occasional (25%) travel to client sites   

CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.   

About Us

CyberSheath Services International LLC is a rapidly growing Managed Services Provider primarily focused on providing CMMC Compliance and Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add to our team!  

CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and, in fact, may weaken an organization’s security posture. Our professionals advise clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security.   

Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Confident ‘doers’ who ‘get the job done’ and strive to ‘do the right thing, even when no-one is looking’ are the types of candidates who strive in our culture.  Additionally, our most successful team members are self-starters and willing to put on many hats to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory.  

Key Responsibilities

Compliance Operations & Coordination

• Support the Compliance team with day-to-day operational execution across multiple client environments
• Coordinate internal compliance resources for assessments, audits, and ongoing compliance activities
• Manage and track compliance-related tickets, tasks, and deliverables
• Maintain organized documentation, artifacts, and internal records for compliance engagements
• Ensure all compliance workflows are progressing on schedule and aligned with internal priorities

Scheduling & Resource Management

• Coordinate schedules for compliance staff and internal stakeholders
• Assign tasks and tickets to appropriate resources based on priority, workload, and skillset
• Optimize team utilization and ensure efficient allocation of resources
• Track deadlines for audits, assessments, and remediation activities
• Adjust schedules dynamically to account for shifting priorities and urgent work
• Apply structured project management principles to resource planning, capacity management, and delivery timelines

Ticket & Workflow Management

• Create, assign, and monitor service tickets and internal tasks
• Track open work and ensure timely progression to meet internal SLAs
• Escalate blockers, delays, or risks to leadership proactively
• Ensure accurate and timely updates within ticketing and project systems
• Maintain visibility into backlog, workload, and team performance

Reporting & Operational Visibility

• Maintain dashboards and reporting on compliance activities, task status, and team utilization
• Provide weekly and monthly updates to leadership on progress, risks, and capacity
• Ensure internal systems (PSA, documentation platforms, etc.) remain accurate and up to date
• Track key metrics such as backlog, completion rates, and upcoming deadlines
• Provide forward-looking capacity and risk forecasting based on workload trends and project timelines

Process Execution & Improvement

• Execute established compliance workflows and playbooks
• Identify inefficiencies and recommend process improvements
• Help standardize and scale compliance operations as the organization grows
• Drive consistency and discipline across the compliance delivery lifecycle
• • Introduce and enforce project management best practices, including task dependencies, milestone tracking, and accountability frameworks

What Success Looks Like

• Compliance work is consistently delivered on time.
• Internal resources are efficiently scheduled and fully utilized
• Tickets and tasks are clean, organized, and always up to date
• Leadership has real-time visibility into compliance operations
• Audits and assessments run smoothly without last-minute coordination issues
• The compliance team operates with structure, predictability, and accountability

Who You Are

• You “Get” The Industry – You have experience and understanding of the managed service provider environment and are familiar with ConnectWise Manage
• Execution-Driven – You close loops and ensure nothing is left unfinished
• Highly Organized – You bring structure to fast-moving, complex environments
• Detail-Oriented – You track the small things that make a big difference
• Proactive – You anticipate needs instead of waiting for direction
• Process-Minded – You enjoy building repeatable, scalable systems
• Accountable – You take ownership of outcomes, not just tasks
• Calm Under Pressure – You can manage shifting priorities without losing control
• Project-Oriented – You think in terms of timelines, dependencies, milestones, and delivery outcomes

Preferred Qualifications

• 4+ years of experience in operations coordination, dispatch, project coordination, or similar role
• Demonstrated experience managing multiple concurrent projects, timelines, and cross-functional resources
• Experience in an MSP, cybersecurity, or compliance-driven environment preferred
• Experience using ticketing/PSA systems (e.g., ConnectWise, ServiceNow, etc.)
• Strong organizational and time management skills
• Ability to coordinate multiple priorities and deadlines simultaneously
• Strong written and verbal communication skills
• Proficiency in Excel, reporting tools, and documentation platforms
• Project Management Certification preferred (PMP, CAPM, PRINCE2, or equivalent)
• Familiarity with Agile, Scrum, or hybrid project management methodologies is a plus

Why This Role

• Be a core part of scaling a high-performing compliance organization
• Work at the intersection of cybersecurity, compliance, and operations
• Gain exposure to structured compliance frameworks and audit processes
• Develop operational expertise in a fast-growing, high-impact environment
• Play a critical role in enabling delivery teams to execute at a high level

Work Environment

• 100% Remote work environment

Benefits

• Day One Health, Vision, and Dental Coverage
• Discretionary Time Off Policy – take the time you want or need
• 401(k) Retirement Plan with a 4% match

CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.  

CyberSheath Services International LLC is a rapidly growing Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add an additional Compliance Analyst to our team! 

CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and, in fact, may weaken an organization’s security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security.  

Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory. 

What You Will Do
Assessment Support

• Gather, organize, and review evidence for NIST SP 800-171 and CMMC assessments
• Prepare assessment workbooks and supporting materials for analysts
• Review policies, system screenshots, logs, and configurations for completeness
• Assist with requirement mapping, accuracy checks, and evidence validation
• Draft structured notes for assessment objectives under guidance

Documentation Preparation

• Draft SSP narratives based on interviews and evidence
• Draft POAM entries with direction from senior team members
• Maintain version control and internal documentation organization
• Help improve internal templates, SOPs, and reference materials

Technical and Process Verification

• Perform basic verification tasks such as checking MFA settings, encryption status, patch levels, or configuration parameters
• Assist with CUI flow mapping across systems, users, and processes
• Conduct structured research on controls, technologies, and implementation patterns

Operational Support

• Maintain organized evidence repositories
• Support long-term client work under the direction of analysts and senior analysts
• Contribute to improving consistency and quality of deliverables

Who Thrives Here
You will succeed in this role if you are:

• A strong and structured writer
• Curious and comfortable learning technical concepts
• Organized and reliable
• Analytical and able to follow logic
• Receptive to coaching and feedback
• Comfortable working in a process-driven environment
• Interested in eventually becoming a client-facing analyst

We are not looking for buzzword-heavy applicants or people claiming expertise without practical experience.

Ideal Backgrounds
We welcome applicants from several paths, including:

• ISSO or ISSM supporting classified or government programs
• IT Administrators, System Administrators, or Network Administrators
• Service Desk, Desktop Support, or MSP technicians
• Technical compliance roles such as IT compliance coordinators or technical QA personnel in aerospace or manufacturing who have validated system-level controls or gathered IT evidence for audits
• Technical writers who have documented systems, engineering processes, IT procedures, or classified program workflows and who demonstrate strong analytical skill
• Military veterans with IT, cyber, comms, or intelligence backgrounds

Experience in the Defense Industrial Base is a plus but not required.

Required Skills

• Clear, professional writing
• Ability to follow structured processes
• Foundational understanding of IT systems such as Active Directory, MFA, patching, Windows security, or similar
• Strong attention to detail
• Ability to learn frameworks and requirements through training
• Comfort with documentation-heavy and evidence-driven work
• Consistent performance in a remote environment

Nice To Have

• Experience supporting classified or government programs
• Exposure to NIST SP 800-171 or CMMC
• Experience gathering or validating technical evidence
• Familiarity with manufacturing, aerospace, or defense environments

Career Path at CyberSheath

Compliance Specialist
Learn assessment fundamentals, documentation, and evidence processing.

Compliance Analyst
Client-facing role. Lead parts of assessments, manage long-term clients, deliver advisory work, and write structured narratives.

Senior Compliance Analyst
Independent delivery. Run pro-services engagements, own complex clients, lead assessments end-to-end, and mentor junior analysts.

Advancement is based on demonstrated capability and readiness.

Why CyberSheath

• Work with the most advanced CMMC-focused team in the industry
• Long-term client relationships and stable recurring work
• Structured internal training and certification (White, Blue, Black Belt)
• Real mentorship from experienced practitioners
• Mission-driven work that supports national security
• Remote environment with high standards and real autonomy
• Clear path for growth into senior delivery roles

CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability. 

Opportunity Overview

As a Sr. Compliance Analyst, you will own all aspects of cybersecurity compliance for your assigned clients within CyberSheath’s Managed Compliance Services. You will lead compliance efforts and provide oversight for the implementation of cybersecurity frameworks, manage client relationships, and ensure continuous compliance with industry regulations.

Your role will be pivotal in delivering compliance solutions to DIB contractors in accordance with DFARS 252.204- 7012, NIST SP 800-171, and CMMC. You will collaborate closely with client technical teams and third-party vendors to ensure compliance and mitigate risks across the entire security landscape.

Key Responsibilities

Managed Compliance Services Ownership

• Primary Point of Contact: Own and lead all compliance efforts for assigned clients, acting as the primary advisor on cybersecurity compliance and regulatory alignment.
• Client Communication: Maintain proactive communication with clients on compliance status, assessment results, and remediation Deliver regular updates through executive briefings, business reviews, and detailed reporting.
• Regulatory Assessments: Lead and execute compliance assessments (e.g., DFARS, NIST 800-171, and CMMC Maturity Level 2). Perform annual assessments and ensure evidence-based control

Compliance Frameworks and Audits

• Framework Implementation: Lead the implementation and continuous monitoring of compliance frameworks (e.g., NIST SP 800-171, CMMC). Develop and manage System Security Plans (SSPs) and Plans of Action & Milestones (POA&M) for clients.
• Audit Preparation: Guide clients through internal and external audits, ensuring all necessary evidence, documentation, and artifacts are in place for successful certification.

Compliance Documentation & Policy Management

• Documentation Development: Collaborate with clients to develop, update, and maintain compliance documentation, including policies, procedures, SSPs, POA&Ms, and other governance materials.
• Policy Enforcement: Ensure compliance policies and procedures aligned with NIST 800-171, CMMC, and DFARS. Provide expertise in drafting and maintaining control documentation.

Incident Response & Risk Management

• Incident Management: Develop and maintain incident response plans. Conduct tabletop exercises with clients to test incident response readiness and improve incident management capabilities.
• Risk Assessments: Perform regular risk assessments to identify compliance gaps and develop mitigation strategies. Maintain risk registers and ensure continuous improvement of compliance postures.

Training & Awareness

• Security Awareness Training: Deliver or facilitate client training programs, including basic security awareness, privileged user training, and handling of Controlled Unclassified Information (CUI).

Qualifications

Hard Skills (Technical Acumen)

• Technical Knowledge: Broad understanding of systems and security engineering principles, including:
  • Ability to build and troubleshoot systems (e.g., servers, Active Directory).
  • Understanding of network fundamentals, cloud technologies (IaaS, PaaS, SaaS), and cybersecurity
• Industry Experience: Experience within the Defense Industrial Base (DIB), with expertise in assessing compliance for DIB contractors.
• Framework Expertise: Direct, hands-on experience with NIST 800-171, CMMC, DFARS 252.204-7012. Must have led compliance assessments and demonstrated independent leadership of audits or regulatory
• Certifications: CMMC Certified Assessor, CISSP, CISM, or other relevant cybersecurity certifications

Soft Skills (Grit, Communication, and Adaptability)

• Grit: Passion for working in a challenging, fast-paced A "whatever it takes" attitude and a commitment to continuous learning and improvement.
• Communication: Excellent verbal and written communication skills. Ability to convey complex compliance requirements clearly to both technical and non-technical stakeholders.
• Adaptability: Comfortable working independently, pivoting when necessary, and raising your hand when additional resources are needed. Strong follow-through and reliability in meeting deadlines.

CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability. 

Opportunity Overview

As a Compliance Analyst, you will own all aspects of cybersecurity compliance for your assigned clients within CyberSheath’s Managed Compliance Services. You will lead compliance efforts and provide oversight for the implementation of cybersecurity frameworks, manage client relationships, and ensure continuous compliance with industry regulations.

Your role will be pivotal in delivering compliance solutions to DIB contractors in accordance with DFARS 252.204- 7012, NIST SP 800-171, and CMMC. You will collaborate closely with client technical teams and third-party vendors to ensure compliance and mitigate risks across the entire security landscape.

Key Responsibilities

Managed Compliance Services Ownership

• Primary Point of Contact: Own and lead all compliance efforts for assigned clients, acting as the primary advisor on cybersecurity compliance and regulatory alignment.
• Client Communication: Maintain proactive communication with clients on compliance status, assessment results, and remediation Deliver regular updates through executive briefings, business reviews, and detailed reporting.
• Regulatory Assessments: Lead and execute compliance assessments (e.g., DFARS, NIST 800-171, and CMMC Maturity Level 2). Perform annual assessments and ensure evidence-based control

Compliance Frameworks and Audits

• Framework Implementation: Lead the implementation and continuous monitoring of compliance frameworks (e.g., NIST SP 800-171, CMMC). Develop and manage System Security Plans (SSPs) and Plans of Action & Milestones (POA&M) for clients.
• Audit Preparation: Guide clients through internal and external audits, ensuring all necessary evidence, documentation, and artifacts are in place for successful certification.

Compliance Documentation & Policy Management

• Documentation Development: Collaborate with clients to develop, update, and maintain compliance documentation, including policies, procedures, SSPs, POA&Ms, and other governance materials.
• Policy Enforcement: Ensure compliance policies and procedures aligned with NIST 800-171, CMMC, and DFARS. Provide expertise in drafting and maintaining control documentation.

Incident Response & Risk Management

• Incident Management: Develop and maintain incident response plans. Conduct tabletop exercises with clients to test incident response readiness and improve incident management capabilities.
• Risk Assessments: Perform regular risk assessments to identify compliance gaps and develop mitigation strategies. Maintain risk registers and ensure continuous improvement of compliance postures.

Training & Awareness

• Security Awareness Training: Deliver or facilitate client training programs, including basic security awareness, privileged user training, and handling of Controlled Unclassified Information (CUI).

Qualifications

Hard Skills (Technical Acumen)

• Technical Knowledge: Broad understanding of systems and security engineering principles, including:
  • Ability to build and troubleshoot systems (e.g., servers, Active Directory).
  • Understanding of network fundamentals, cloud technologies (IaaS, PaaS, SaaS), and cybersecurity
• Industry Experience: Experience within the Defense Industrial Base (DIB), with expertise in assessing compliance for DIB contractors.
• Framework Expertise: Direct, hands-on experience with NIST 800-171, CMMC, DFARS 252.204-7012. Must have led compliance assessments and demonstrated independent leadership of audits or regulatory
• Certifications: CMMC Certified Assessor, CISSP, CISM, or other relevant cybersecurity certifications

Soft Skills (Grit, Communication, and Adaptability)

• Grit: Passion for working in a challenging, fast-paced A "whatever it takes" attitude and a commitment to continuous learning and improvement.
• Communication: Excellent verbal and written communication skills. Ability to convey complex compliance requirements clearly to both technical and non-technical stakeholders.
• Adaptability: Comfortable working independently, pivoting when necessary, and raising your hand when additional resources are needed. Strong follow-through and reliability in meeting deadlines.

CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.