CMMC Compliance Program Engineer

Managed Group

. Support the Compliance as a Service “CaaS” Program Team in planning and executing compliance initiatives.

Posted 5/7/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $80,000 - $120,000 per yearWebsite

Tech Stack

Tools & technologies

Cyber SecurityRPA

About the role

Key responsibilities & impact

Support the Compliance as a Service “CaaS” Program Team in planning and executing compliance initiatives.
Assist with all CaaS-related work efforts in all phases of the CaaS program, such as consulting during technical environment standup, documentation writing, mock assessments, and other compliance-related duties.
Help prepare and maintain Plans of Action & Milestones (POA&Ms) and track remediation activities.
Draft, customize, and update policies, procedures, and compliance documentation to meet client needs.
Collaborate with IT, security, and business teams to implement compliance requirements effectively.
Contribute to client engagements, including readiness consulting and audit preparation.
Monitor regulatory updates and share insights with the program development team on emerging requirements.
Assist with training and awareness programs to strengthen the compliance culture across the organization.
Once Certified CMMC Assessor (CCA) is obtained, participate in CMMC Assessments as a Quality Assurance role, with the eventual goal of participating as a CCA.
Collaborate with the Operations and Project Management Team to understand QA and CCA assignments as required.
Participate in enclave projects that require a compliance related skillset.
Performs other duties as assigned, including but not limited to cross-functional support, special projects, and responsibilities outside the primary scope of the role, in order to meet organizational needs and ensure team success.

Requirements

What you’ll need

Registered Practitioner Advanced (RPA) or Certified CMMC Professional (CCP) Required
Excellent communicator.
Five or more years of experience in compliance, cybersecurity, or IT governance.
Strong knowledge of CMMC and NIST SP 800-171.
Experience with compliance documentation writing, evidence gathering, POA&M tracking, and audit preparation.
Strong organizational and communication skills.
U.S. citizenship; ability to obtain a DoD clearance.
Bachelor's degree in cybersecurity, information security, computer science, or a related field (preferred).
Additional certifications such as CISSP, CISA, CISM, Security+, or ISO 27001 (preferred).
Experience supporting defense contractors, federal compliance programs, or managed security providers (preferred).
Experience supporting clients through CMMC L2 assessments with DIBCAC or a C3PAO (preferred).
Familiarity with GRC tools, vulnerability management, or SIEM platforms (preferred).
Willingness to travel up to 15–20 percent for client assessments and engagements.

Benefits

Comp & perks

Medical, dental, and vision insurance, with HSA Health Insurance option
Reimbursement for training and pursuit of advanced certifications.
Company match on voluntary pretax salary contributions
12 paid holidays
18 days of Paid Time Off (PTO)
100% paid group life insurance
100% company-paid short-term disability
100% company-paid long-term disability
Free-to-you on-campus gym

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

compliance documentation writingevidence gatheringPOA&M trackingaudit preparationCMMCNIST SP 800-171cybersecurityIT governanceregulatory monitoringquality assurance

Soft Skills

excellent communicatorstrong organizational skillsstrong communication skills

Certifications

Registered Practitioner Advanced (RPA)Certified CMMC Professional (CCP)CISSPCISACISMSecurity+ISO 27001