Compliance Specialist

nuvioIT LLC
Norfolk, VA Contractor
POSTED ON 4/20/2026
AVAILABLE BEFORE 10/16/2026

nuvioIT, LLC is a Norfolk, VA-based Managed Security Service Provider (MSSP) and CMMC Registered Practitioner Organization (RPO). We deliver managed IT, cybersecurity operations, and CMMC compliance services to Defense Industrial Base (DIB) contractors. We are a Microsoft Partner operating at the intersection of compliance-driven security and enterprise Microsoft 365 technology, helping defense subcontractors achieve and maintain CMMC Level 2 certification.


We are expanding our CMMC readiness practice and are looking for a motivated compliance contractor with hands-on CMMC experience to deliver policy, documentation, and advisory work across our active DIB client engagements. This is a great opportunity for a CCP-credentialed professional building their consulting practice or looking for meaningful part-time contract work. Engagement has strong potential to grow into a long-term relationship as the practice scales.


We are looking for a CMMC Compliance Specialist on a 1099 basis to deliver compliance documentation, policy development, and advisory work for DIB clients pursuing CMMC Level 2 certification. The technical security controls are handled by nuvioIT engineers; your focus is the compliance side: SSPs, POA&Ms, policies, procedures, evidence mapping, and readiness advisory.


You will work directly with the founder and receive guidance on client context and environment details. This is a strong fit for someone 2–3 years into their CMMC career who wants real client exposure and flexibility. Current volume supports up to 20 hours per week with room to grow as the practice scales.


Job Duties

•   Conduct CMMC Level 2 gap assessments against NIST SP 800-171 Rev. 2 for assigned DIB clients

•   Author and maintain System Security Plans (SSPs) scoped to client environments, including cloud, on-premises, and hybrid architectures

•   Develop and maintain Plans of Action & Milestones (POA&Ms) for identified gaps and deficiencies

•   Write, review, and finalize CMMC-required policies and procedures across all 14 control families

•   Map implemented technical controls to CMMC assessment objectives, working with nuvioIT engineers to gather and validate evidence

•   Advise clients on CUI scoping, asset boundary decisions, and assessment preparation strategy

•   Support clients through the SPRS self-assessment scoring process and prepare documentation packages for C3PAO assessment

•   Coordinate with nuvioIT engineering staff to ensure technical configurations are documented and traceable to compliance requirements

•   Assist in developing nuvioIT's own internal CMMC Level 2 compliance documentation as part of the company's voluntary certification effort

•   Participate in periodic client check-ins and compliance status reviews as the compliance subject matter expert


Required Experience

•   2–3 years of hands-on CMMC, NIST SP 800-171, or DFARS compliance experience

•   SSP authorship experience: you have written or contributed to at least one real SSP, not just reviewed a template

•   POA&M development: you understand gap identification, remediation planning, and milestone tracking

•   Policy and procedure writing: familiar with the 14 CMMC control families and what documentation each requires

•   Working knowledge of CUI scoping and asset boundary concepts, enough to guide a client conversation

•   Familiarity with SPRS scoring and what documentation is needed to support a self-assessment

•   Basic familiarity with Microsoft 365 at a compliance level and an understanding of how controls like MFA, DLP, and audit logging satisfy CMMC requirements

•   Comfort working within a GRC platform for evidence tracking, documentation, and control management (we use IntelliGRC)

•   Active CCP (Certified CMMC Professional) is required


Preferred Experience

•   Experience supporting at least one client all the way through SPRS submission or C3PAO readiness, even if not yet certified

•   Familiarity with GCC High or Microsoft 365 GCC environments at a compliance level

•   Prior MSP, RPO, or defense contractor environment experience

•   Prior hands-on experience with IntelliGRC specifically (faster ramp; preferred but not required)


Why Work With Us

•   Structured engagements with defined scope, not open-ended consulting with scope creep and no boundaries

•   Potential to grow into a long-term relationship as nuvioIT scales its CMMC practice

•   Contribute to nuvioIT's own voluntary CMMC Level 2 certification: meaningful work that goes beyond client delivery

•   Flexible, remote-first engagement: work on your schedule within agreed delivery milestones


Send your resume, confirmation of active CCP credential, and a brief note on your CMMC experience (what engagements you have supported, your role in SSP or policy work) to:


careers@nuvioit.com


Please do not submit through staffing agencies or consulting firms. We are engaging directly with individual contractors. Applicants without an active CCP credential will not be considered.

Hourly Wage Estimation for Compliance Specialist in Norfolk, VA
$34.00 to $42.00