Junior CMMC Compliance Analyst

Job Title: Junior CMMC 2.0 Compliance Analyst

Job Summary:

The Junior CMMC 2.0 Compliance Analyst supports the organization’s efforts to achieve and maintain compliance with the Cybersecurity Maturity Model Certification (CMMC) 2.0. This entry-level role focuses on assisting with documentation, evidence collection, and basic control validation to help prepare for third-party assessments. The position works under the guidance of senior compliance or security staff.

Key Responsibilities:

  • Assist in creating and updating cybersecurity policies, procedures, and documentation aligned with CMMC 2.0 requirements
  • Support mapping of controls to NIST SP 800-171
  • Collect, organize, and maintain compliance evidence (e.g., screenshots, logs, training records, system settings)
  • Help maintain documentation such as the System Security Plan (SSP) and Plans of Action & Milestones (POA&M)
  • Perform basic reviews of systems and documentation to identify gaps or missing evidence
  • Track compliance tasks and remediation activities assigned by senior team members
  • Coordinate with internal teams (IT, HR, operations) to gather required information
  • Prepare audit artifacts and organize materials for third-party assessments
  • Maintain document repositories and ensure version control

Required Skills & Qualifications:

  • Basic understanding of cybersecurity or IT concepts (networks, user access, endpoints, etc.)
  • Familiarity with CMMC 2.0 concepts or willingness to learn quickly
  • Exposure to National Institute of Standards and Technology (NIST) frameworks is a plus
  • Strong organizational and documentation skills
  • Attention to detail when collecting and labeling evidence
  • Ability to follow instructions and work with checklists or templates
  • Good written communication skills

Preferred Qualifications:

  • 0–2 years of experience in IT, cybersecurity, or compliance-related roles
  • Internship, coursework, or training related to cybersecurity or compliance
  • Basic certifications (e.g., CompTIA Security+ or similar)
  • Familiarity with tools like spreadsheets, document management systems, or ticketing systems

Key Deliverables:

  • Well-organized evidence files mapped to specific controls
  • Draft policies and procedures (reviewed by senior staff)
  • Updated sections of the System Security Plan (SSP)
  • Assistance with maintaining POA&M tracking
  • Audit-ready documentation packages (with supervision)