Job Title: CMMC Level 2 Compliance Consultant (Contract)
Client: Network product-based company
Duration: 12+ Months
Location: Remote
Position Overview
We are seeking an experienced CMMC Level 2 Compliance Consultant to support our client in achieving and maintaining compliance with the Cybersecurity Maturity Model Certification (CMMC) Level 2, aligned with NIST SP 800-171 requirements. The consultant will be responsible for assessing current cybersecurity posture, identifying compliance gaps, implementing remediation strategies, and preparing the organization for CMMC Level 2 certification assessment.
This role requires strong expertise in federal cybersecurity compliance frameworks, risk management, security controls implementation, and audit readiness for DoD-related environments.
Key Responsibilities
Lead CMMC Level 2 compliance initiatives aligned with NIST SP 800-171 and CMMC 2.0 framework
Conduct comprehensive gap assessments and readiness assessments
Review and validate implementation of the 110 NIST SP 800-171 security controls
Develop, review, and update key compliance documentation including:
System Security Plan (SSP)
Plan of Action and Milestones (POA&M)
Policies, procedures, and standards
Identify compliance gaps and define remediation plans
Assist with implementation of security controls across IT infrastructure, applications, and cloud environments
Support audit preparation and readiness for C3PAO certification assessment
Work closely with IT, Security, Risk, and Compliance teams to ensure alignment with DoD compliance requirements
Provide guidance on handling Controlled Unclassified Information (CUI)
Perform risk assessments, vulnerability management, and security control validation
Ensure compliance with related frameworks such as:
NIST 800-53 (Preferred)
NIST 800-171A
DFARS , 7019, 7020, and 7021
Provide compliance reporting and executive-level status updates
Required Skills and Qualifications
5+ years of experience in cybersecurity compliance, governance, risk, and compliance (GRC)
Strong hands-on experience with:
CMMC 2.0 Level 2
NIST SP 800-171
DFARS compliance requirements
Experience performing:
Gap assessments
Security control implementation
Audit readiness preparation
Experience working with Federal Contractors or DoD environments
Strong knowledge of:
System Security Plan (SSP)
POA&M development and remediation
Risk assessment and vulnerability management
Experience with cloud environments (AWS, Azure, C High preferred)
Excellent documentation and communication skills
Ability to work independently and drive compliance initiatives
Preferred Qualifications
CMMC Certified Professional (CCP) or Certified Assessor (CCA)
CISSP, CISM, CISA, or CRISC certification
Experience supporting C3PAO assessments
Experience with Microsoft GCC / GCC High environments
Experience in Defense, Aerospace, or Federal contracting industries
Knowledge of Zero Trust Architecture (Preferred)
Deliverables
CMMC Level 2 Gap Assessment Report
Remediation Plan and POA&M
Updated System Security Plan (SSP)
Compliance readiness documentation
Audit readiness support