Compliance Business Systems Analyst

RESPONSIBILITIES:
Kforce has a client in Maryland Heights, MO that is seeking a Compliance Business Systems Analyst.

Summary:
We are seeking a CMMC Level 2 Compliance Business Systems Analyst to support the design, implementation, and validation of technology solutions aligned to cybersecurity compliance requirements. This role is responsible for translating CMMC Level 2 control requirements into actionable technical and business requirements across IT, Engineering, and Security teams. The ideal candidate understands both compliance frameworks and enterprise technology environments and can bridge the gap between regulatory requirements and practical system implementation.

Key Responsibilities:
* Interpret and translate CMMC Level 2 control requirements into clear, actionable technology and business requirements
* Collaborate with Compliance and Information Security teams to consolidate requirements and define control objectives, procedures, and evidence expectations
* Partner with architecture teams to understand enclave strategies and system boundaries, and define related functional and capability requirements
* Develop a strong understanding of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI), and lead discovery and documentation of related data flows
* Facilitate evaluation of existing technology platforms against compliance requirements to perform gap analyses and support remediation planning
* Analyze business processes to identify how FCI and CUI are used, stored, and transmitted, and recommend process or system changes to support compliance objectives
* Coordinate implementation efforts, support testing activities, and validate that systems meet defined compliance and business requirements
* Serve as a liaison between business stakeholders and technical teams to ensure alignment on scope, requirements, timelines, and expected outcomes
* Support documentation efforts required for audits and formal CMMC Level 2 assessments

REQUIREMENTS:
* Bachelor's degree in Information Systems, Cybersecurity, Business, Engineering, or a related field, or equivalent practical experience
* Strong knowledge of CMMC Level 2 controls and control objectives
* Ability to interpret regulatory requirements and convert them into technical and operational specifications
* Strong analytical and problem-solving skills with the ability to quickly identify risks, gaps, and opportunities
* Ability to manage multiple projects and priorities simultaneously
* Strong organizational skills and attention to detail
* Excellent written and verbal communication skills with the ability to engage stakeholders at all levels of the organization
* Ability to work independently and within cross-functional teams in a fast-paced environment
* Proficiency with standard business software applications (e.g., Word, Excel, and related tools)
* Experience supporting cybersecurity compliance initiatives, preferably within a CMMC, NIST, or similar regulatory framework environment
* Experience working with enterprise IT systems, security controls, and technical teams in regulated environments

Preferred Qualifications:
* Experience supporting organizations pursuing or maintaining CMMC Level 2 certification
* Familiarity with NIST SP 800-171 requirements and related security frameworks
* Experience conducting compliance gap assessments and remediation planning
* Background working with secure enclaves, boundary definitions, and protected data environments

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.