IT Compliance Analyst

About the position

Summit 7 Systems is seeking a mid-level IT Compliance Analyst who is well-versed in the Cybersecurity Maturity Model Certification (CMMC) documentation and the associated processes for certification, readiness, and assessment activities. This role is crucial in assisting both Summit 7 and its clients in achieving key cybersecurity compliance initiatives related to CMMC. The ideal candidate will have a strong understanding of cybersecurity compliance frameworks and will be responsible for reviewing, developing, updating, and maintaining various cybersecurity documentation, including policies, plans, procedures, checklists, and work instructions. In this position, the IT Compliance Analyst will also participate in the development and maintenance of System Security Plans, Plans of Action and Milestones (POA&Ms), and security monitoring schedules. The role involves conducting security assessments, which includes coordinating evaluations of both on-premises and cloud environments, collecting evidence and artifacts, and documenting the results of these assessments. Collaboration with internal teams is essential to maintain a comprehensive understanding of NIST 800-171, DFARS 252.204-7012, and other standards related to CMMC certification. The candidate will leverage their growing knowledge to identify client problem areas and work collaboratively to provide effective solutions. This position requires U.S. citizenship and the ability to pass an in-depth background check. The successful candidate will be expected to obtain a CMMC Certified Professional (CCP) certification within six months of employment if they do not already possess it. Summit 7 Systems values its employees and offers a supportive work environment that recognizes the importance of work-life balance, providing meaningful health and welfare benefits, including excellent health and dental coverage, a 401(k) plan with company matching, and generous vacation and sick leave policies.