CMMC Practitioner - Compliance and Advisory

The RoleWe're looking for a CMMC Practitioner to join our growing team. In this role, you'll work directly with DIB clients to assess their environments, identify compliance gaps, guide remediation efforts, and prepare them for formal CMMC assessments. You'll be the primary technical and advisory resource throughout the client engagement lifecycle - from initial scoping through assessment readiness.What You'll Do:Conduct CMMC Level 1 and Level 2 gap assessments against NIST SP 800171 and the CMMC modelDevelop and maintain System Security Plans (SSPs), POAMs, and supporting documentationGuide clients through scoping decisions, CUI identification, and boundary definitionSupport remediation planning and implementation oversight across technical control domainsAdvise clients on Microsoft 365 GCC/GCC High environments, Azure Government, and cloud security architecture in the context of CMMC complianceAssist clients in preparing for C3PAOled assessments, including evidence collection and interview preparationCollaborate with internal team members on service delivery, client communications, and continuous improvement of our delivery methodologyWhat You'll Bring:Solid working knowledge of NIST SP 800171 and the CMMC 2.0 model (Level 1 and Level 2 required; Level 3 familiarity a plus)Experience conducting security assessments or audits in DIB, federal contracting, or regulated environmentsFamiliarity with Microsoft 365, Azure, Active Directory, and related security controls as they apply to CMMC scopingAbility to translate technical findings into clear, actionable guidance for both technical and nontechnical stakeholdersStrong written communication skills you'll produce documentation that clients and assessors will rely onCCP (Certified CMMC Professional) or CCA (Certified CMMC Assessor) preferred or actively pursuing.