CMMC Compliance Lead

Exceptional Service. Endless Improvement. Passionate People. Honest and Forthright. These values guide everything we do, and we achieve them thanks to the diverse and collaborative efforts of our team. We are dedicated to creating a supportive environment where every team member can thrive. This includes fostering learning, professional growth, and valuing each team member’s input, all within a culture that promotes work-life balance and a strong sense of belonging.

The CMMC Compliance Lead serves as a key internal and client-facing compliance expert responsible for managing cybersecurity and compliance initiatives across client portfolios. This role involves guiding clients through compliance assessments, audits, and regulatory requirements, with a specific focus on CMMC, SOC2, FINRA, and HIPAA frameworks. The CMMC Compliance Lead will also serve as a mentor and subject matter expert (SME) for Charles IT’s Managed Compliance Team. 

Key Responsibilities: 

Client Compliance Support: 

• Act as the primary compliance advisor for assigned clients, ensuring adherence to CMMC and other relevant regulatory frameworks.
• Guide clients through compliance assessments, gap analyses, and audits.
• Develop and maintain POAMs, SSPs, and other compliance-related documentation.
• Serve as a liaison between clients and third-party auditors.
• Collaborate closely with third-party auditors to facilitate successful audits and ensure all compliance requirements are met.

Policy Development & Documentation:

• Lead policy writing and policy management efforts.
• Ensure timely and accurate updates to compliance documentation within the GRC platform and ticketing system.
• Develop and deliver compliance reports to executive stakeholders.
• Internal Leadership & Team Collaboration:
• Act as the primary escalation point for compliance issues related to Managed Compliance clients.
• Mentor and coach junior compliance analysts and team members.
• Provide regular training sessions on compliance-related topics.

Audit Preparation & Risk Management:

• Conduct internal risk assessments, tabletop exercises, and security audits.
• Stay current on industry compliance standards and implement necessary updates across the team.
• Lead client-focused incident response preparation and tabletop exercises.

Requirements

• Bachelor's degree or equivalent experience in IT, Compliance, or related fields. 
• 2+ years of relevant auditing, compliance, or IT security experience. 
• Current CMMC, CCA, or relevant compliance/security certifications are strongly preferred. 
• Proven ability to communicate effectively with both technical teams and executive-level stakeholders. 
• Experience working with GRC platforms, policy management tools, and audit preparation processes. 
• Self-starter with strong organizational and multitasking skills. 
• Valid US driver’s license and ability to pass a background check. 

Benefits

Charles IT offers a competitive benefits program including Medical, Dental, Vision, Life, Disability, Paid Holidays, PTO, 401K, and bonuses. In addition, we offer free dry cleaning, a fully stocked break room, Friday team lunches, paid training, team-building outings every quarter, professional development and so much more!

Our Commitment to Inclusion:
Charles IT is committed to creating an inclusive environment for all employees. We do not discriminate based on race, color, religion, sex, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other protected category. We welcome and encourage diverse perspectives.

The information contained in this job description is for compliance with the American with Disabilities Act (A.D.A.) and is not an exhaustive list of the duties performed for this position. Additional duties may be required.

If you’re excited about contributing your expertise to a fast-growing company that values innovation and teamwork, we’d love to hear from you!