Who are We? 

M3 Technology Consultants is headquartered in Fairfax, VA, and was founded in 2003. We are a rapidly growing, dynamic company that has successfully built an industry reputation by providing our clients with unparalleled IT services to businesses across the Washington, D.C., and Denver, Colorado, areas. Our team of highly skilled IT professionals supports small and large businesses across numerous industries, providing comprehensive solutions for line of business applications, disaster recovery, physical server/network management, and network maintenance and management.

We foster an entrepreneurial work environment with a strong emphasis on customer service. And through empowering great employees, we have created a culture of dedicated, creative, dynamic, hardworking, and fun loving individuals.

What do we offer YOU? 

• Very competitive compensation package
• Annual paid training for continuing education
• Collaborative team environment
• Entrepreneurial work environment
• Career Growth with an active mentorship program to help guide your advancement as an IT Professional
• Health, dental, vision, sick and vacation leave, cell phone reimbursement_, gym membership, and more
• 401 (k) with a generous employer match

Who are YOU? 

You are a detail oriented compliance professional with hands on experience managing cybersecurity and compliance frameworks such as CMMC (Level 1 & 2), NIST 800 171, and SOC 2. You’re comfortable designing and maintaining compliance programs, developing policies and procedures, and building audit ready documentation that supports both internal teams and client environments.

You bring practical technical knowledge to your compliance work, including supporting access and security controls within Microsoft 365 and Intune environments. You have experience performing risk assessments, identifying compliance gaps, tracking corrective actions through POA&Ms, and validating technical implementations such as RBAC, least privilege, MFA, Conditional Access, and device compliance. You understand how to prepare for audits, respond to assessor requests, and ensure evidence is accurate, organized, and complete.

You work collaboratively to deliver projects on time and within budget, and you’re comfortable coordinating with internal teams, clients, and external vendors to provide effective support services. You communicate clearly, support training and awareness initiatives, and can translate technical and regulatory requirements into actionable guidance, metrics, and reports that drive continuous improvement and strengthen the organization’s overall security posture.

Please note this position is full time, onsite in our headquarters office in Fairfax, VA, and requires U.S. Citizenship.

What does your day/week look like? 

• Design, implement, and maintain compliance programs aligned with CMMC Level 1 & 2, SOC 2, NIST 800 171, and related frameworks for internal teams and clients
• Create and update audit ready documentation, including security policies, SOPs, SSPs, and standardized evidence templates
• Perform ongoing risk assessments, identify compliance gaps, manage POA&Ms, and track remediation progress. Validate and support technical security implementations in Microsoft 365 and Intune, including RBAC, least privilege, and privileged access controls
• Work closely with internal teams and clients to ensure security configurations and workflows meet compliance requirements
• Collect, organize, and prepare audit evidence for internal reviews and external third party assessments
• Develop and deliver training on CUI handling, cybersecurity best practices, and secure use of Microsoft 365 and mobile devices
• Provide regular compliance updates, KPIs, and risk summaries to leadership and stakeholders.

What do you need for this amazing opportunity? 

Education

• Bachelor’s degree in Information Security, IT, or related field (or equivalent experience).
• Preferred certifications: CISA, CISSP, CMMC Certified Professional.

Technical Skills

• Deep knowledge of CMMC Level 1 & 2, SOC 2, ISO 27001, NIST 800 171, and related cybersecurity compliance frameworks
• Experience maintaining compliance across Microsoft 365 Commercial, GCC, and GCC High environments, including secure workflows
• Hands on expertise with Microsoft 365 and Intune security controls (Conditional Access, MFA, DLP, device compliance, RBAC, least privilege, and PAM)
• Ability to identify compliance and security gaps across cloud, endpoint, and on prem environments and recommend mitigations
• Experience conducting risk assessments, managing POA&Ms, and tracking remediation progress and audit readiness
• Strong technical documentation skills, including policies, SOPs, SSPs, configuration documentation, and audit evidence development
• Proven ability to collect, organize, and present audit evidence for internal stakeholders and third party assessors (C3PAOs)
• Skill in translating regulatory requirements into technical controls, user guidance, and leadership level compliance reporting

Sound good? Then send us your resume! We want to talk to YOU!

Salary : $80,000 - $115,000