JOBSEARCHER

CMMC Compliance Manager

osibeyond | Derwood, MD | May 11th, 2026

About The Role

This role operates within a Compliance as a Service (CaaS) model, where compliance is delivered as an ongoing managed service—not a one-time project. The CMMC Compliance Manager is responsible for driving and maintaining client compliance outcomes, not just providing guidance.

Success In This Role Requires

- Ownership over outcomes – Ensures client progress and completion of required actions
- Continuous compliance mindset – Proactively manages compliance beyond point-in-time readiness
- Practical execution – Verifies controls are implemented and functioning in real environments
- Structured, scalable delivery – Follows and improves standardized processes
- Client leadership – Sets expectations and holds clients accountable

This is a hands-on, execution-focused role centered on delivering measurable compliance results—not a passive advisory position.

Key Responsibilities And Duties

CMMC Implementation & Readiness

- Lead end-to-end CMMC engagements (scoping → implementation → readiness)
- Define system boundaries and SSP scope
- Drive implementation of NIST 800-171 / CMMC Level 2 controls
- Develop SSP, POA&M, policies, and artifacts
- Prepare clients for C3PAO assessment

Client Ownership & Delivery

- Serve as primary compliance lead for client stakeholders
- Drive client accountability, timelines, and progress
- Manage multiple client environments within a CaaS model
- Escalate risks impacting readiness timelines

Continuous Compliance Management

- Support post-certification compliance and monitoring
- Track compliance status, risks, and remediation
- Ensure ongoing alignment with CMMC requirements

Standardization & Scale (CaaS Model)

- Deliver services using standardized frameworks and templates
- Ensure consistency across client environments
- Contribute to process improvement and automation
- Other duties as assigned

Security Responsibilities

- Protect client and company data in accordance with security policies
- Ensure proper handling of CUI and regulated data
- Identify and report security incidents in accordance with procedures
- Support risk assessments and remediation tracking (POA&Ms)
- Participate in security program activities and reviews

Job Qualifications

- 5+ years in technical, security, or compliance roles within IT environments, including administration of common SMB platforms such as Microsoft Office 365.
- Knowledge of security concepts and common tools including EDR, vulnerability management, patch management and auditing (SIEM) functions
- Experience implementing NIST SP 800-171 / CMMC Level 2 requirements, or direct experience with externally audited compliance standards such as ISO 27001.
- Experience managing multiple compliance engagements simultaneously
- Strong client communication and advisory skills
- Experience working in multi-client or managed services environments (MSP/MSSP) strongly preferred
- Experience delivering compliance through standardized or repeatable frameworks preferred
- Must be eligible for DOD Tier 3 background investigation

Required Knowledge & Certifications:

- Security+ (or equivalent foundational security knowledge)
- Experience with NIST 800-171 / CMMC

Preferred

- CMMC CCA (Training or Certification)
- CMMC CCP
- CISA

Position

- Location – Remote from the United States
- Employment Type - Full time
- Compensation - $125,000-130,000 DOE

Benefits

- Medical Insurance - OSIbeyond pays 75% of the premium for the Employee's base medical plan
- Vision and Dental Insurance - OSIbeyond pays 75% of the premium for the Employee's plans
- Life Insurance - OSIbeyond pays 100% of the premium for the Employee's plans
- Short Term Disability Insurance - OSIbeyond pays 100% of the premium for the Employee's plans
- 401K - OSIbeyond matches up to 4%
- PTO/Holidays - 9 paid Holidays and accrual based PTO which increases with tenure, new hires start out with 2 weeks.
