Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
A

CMMC Continuous Compliance Analyst

AVUM

CMMC Continuous Compliance Analyst at Avum Inc. Supporting cybersecurity compliance, audit readiness, and control validation across technical environments.

Posted 7/3/2026full-time🇺🇸 United StatesMid-LevelSenior💰 $130,000 - $160,000 per yearWebsite

Tech Stack

Tools & technologies
Cyber Security

About the role

Key responsibilities & impact
  • Review, maintain, and improve CMMC documentation, including the System Security Plan (SSP), policies, procedures, control narratives, evidence repositories, and Plans of Action and Milestones (POA&Ms).
  • Perform ongoing compliance reviews against CMMC and NIST SP 800-171 requirements, validating that documented controls align with actual technical and operational implementation.
  • Collect, organize, validate, and maintain compliance evidence from systems, logs, tickets, vulnerability reports, access reviews, training records, and other supporting sources to ensure audit readiness.
  • Partner with infrastructure, security, system owners, and business stakeholders to validate control implementation, identify compliance gaps, and support remediation efforts.
  • Track findings, POA&Ms, remediation activities, control exceptions, and risk acceptance decisions through resolution.
  • Review technical configurations and security tooling related to areas such as identity and access management, multifactor authentication, vulnerability management, endpoint protection, logging, configuration management, asset inventory, backups, incident response, and network security.
  • Support internal readiness assessments, external CMMC assessments, and continuous monitoring activities by maintaining accurate documentation and repeatable compliance processes.
  • Prepare compliance metrics, status reports, dashboards, and executive summaries that communicate compliance posture, audit readiness, remediation progress, and organizational risk.

Requirements

What you’ll need
  • Bachelor's degree in Cybersecurity, Information Technology, Information Systems, Computer Science, or a related field, or an equivalent combination of education and experience.
  • Three to six years of experience supporting cybersecurity compliance, governance, risk and compliance (GRC), IT audit, security operations, infrastructure operations, or a related technical security function.
  • Working knowledge of CMMC, NIST SP 800-171, or comparable cybersecurity compliance frameworks.
  • Ability to interpret security control requirements and translate them into practical validation activities, evidence collection, and remediation recommendations.
  • Understanding of core cybersecurity concepts including identity and access management, multifactor authentication, endpoint security, vulnerability management, logging, network security, asset management, backups, change management, and incident response.
  • Experience reviewing technical evidence and determining whether security controls are operating effectively.
  • Ability to collaborate with technical and business teams to investigate compliance gaps, coordinate remediation activities, and support audit readiness.
  • Strong analytical, organizational, documentation, and written communication skills with the ability to manage multiple priorities and deadlines.

Benefits

Comp & perks
  • medical (Cigna)
  • dental and vision (Principal)
  • 401(k)
  • PTO
  • education reimbursement
  • certification reimbursement

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Cybersecurity ComplianceControl ValidationTechnical Evidence ReviewIncident ResponseVulnerability ManagementIdentity and Access ManagementMultifactor AuthenticationNetwork SecurityDocumentation ManagementAudit Readiness
Soft Skills
Analytical SkillsOrganizational SkillsWritten CommunicationCollaborationTime Management