Compliance Analyst

OSIbeyond is seeking a Compliance Analyst to support CMMC compliance programs for Department of Defense contractors. This role is ideal for IT professionals looking to transition into cybersecurity and compliance, providing training and hands-on experience in compliance documentation and audit readiness.

Responsibilities

• Assist in developing and customizing policies, procedures and other supporting documentation for clients
• Work closely with Compliance Managers and leadership to implement CMMC compliance requirements across several clients simultaneously
• Assist with client audits and assessments by providing documentation and evidence to third party auditors
• Review and validate client-provided evidence to ensure audit readiness and alignment with CMMC requirements
• Assist in reviewing configurations in Microsoft 365 GCC/GCC High and other platforms to confirm alignment with documentation
• Execute and track ongoing compliance activities to ensure continuous adherence to CMMC requirements post-assessment
• Assist with Project Management responsibilities including facilitating meetings, calls and supporting notes and activities
• Support delivery of OSIbeyond’s Compliance as a Service (CaaS) model, ensuring clients maintain continuous compliance rather than point-in-time certification
• Work within Microsoft 365 GCC / GCC High environments to validate secure configurations aligned with CMMC controls
• Other duties as assigned
• Complete required training and maintain awareness of cybersecurity risks including insider threats and handling of regulated data
• Treat company and client data as confidential and follow all applicable security and information protection policies
• Follow cybersecurity procedures outlined in company policies and the employee handbook
• Immediately report and follow incident response procedures for any suspected security incidents

Skills

• 1–3 years of IT Support, Helpdesk, or System Administration experience
• Existing Helpdesk, System Administration or Managed IT experience including knowledge of Microsoft 365 / Entra ID and Intune
• Familiarity with common security tools including EDR / Antivirus, Vulnerability Scanning & Patch Management
• Basic understanding of CMMC and/or NIST SP 800-171 requirements
• Experience working with security policies, procedures, or compliance documentation
• Familiarity with audit preparation, evidence collection, or regulated environments
• Strong attention to detail and ability to follow structured processes
• Interest in cybersecurity, compliance, or risk management
• CMMC Registered Practitioner (RP)
• Security+ or equivalent cybersecurity certification

Benefits

• Medical Insurance - OSIbeyond pays 75% of the premium for the Employee's base medical plan
• Vision and Dental Insurance - OSIbeyond pays 75% of the premium for the Employee's plans
• Life Insurance - OSIbeyond pays 100% of the premium for the Employee's plans
• Short Term Disability Insurance - OSIbeyond pays 100% of the premium for the Employee's plans
• 401K - OSIbeyond matches up to 4%
• PTO/Holidays - 9 paid Holidays and accrual based PTO which increases with tenure, new hires start out with 2 weeks.

Company Overview