CMMMC Level 2 Specialist

Position Summary

We are seeking an experienced CMMC Level 2 Compliance Engineer to lead and support the development, implementation, and operationalization of cybersecurity controls required to achieve and maintain Cybersecurity Maturity Model Certification (CMMC) Level 2 compliance.

This role is responsible for translating regulatory requirements into actionable policies, procedures, and technical implementations across the organization’s IT environment. The ideal candidate combines strong cybersecurity governance experience with hands-on technical expertise deploying and configuring security tools aligned with NIST SP 800-171 requirements.

Key ResponsibilitiesCMMC & Compliance Implementation

• Lead organizational readiness and implementation efforts for CMMC Level 2 certification
• Interpret and apply NIST SP 800-171 controls and assessment objectives
• Conduct gap assessments and remediation planning
• Develop System Security Plans (SSP) and Plans of Action & Milestones (POA&M)
• Support internal and third-party assessments and audits

Policy & Procedure Development

• Create and maintain cybersecurity policies aligned with CMMC Level 2 domains
• Develop operational procedures and standard operating procedures (SOPs)
• Ensure policies translate into enforceable technical and operational controls
• Establish governance processes for continuous compliance

Technical Implementation

• Implement and configure IT security solutions required for compliance, including:
• Identity & Access Management (IAM)
• Multi-Factor Authentication (MFA)
• Endpoint Detection & Response (EDR)
• Security Information & Event Management (SIEM)
• Logging and monitoring solutions
• Data protection and encryption technologies
• Vulnerability management tools
• Collaborate with IT teams to integrate security controls into existing infrastructure
• Validate control effectiveness through testing and documentation

Documentation & Evidence Management

• Maintain compliance documentation and control evidence
• Develop user training and security awareness materials
• Support incident response documentation and processes
• Ensure audit-ready documentation standards

Collaboration & Advisory

• Work with leadership, IT, legal, and operations teams to align compliance initiatives
• Provide guidance on secure system architecture and operational best practices
• Act as subject matter expert for CMMC compliance initiatives

Required Qualifications

• 3 years of cybersecurity, compliance, or information security experience
• Direct experience implementing or preparing for CMMC Level 2 or NIST SP 800-171
• Demonstrated experience creating:
• Security policies
• Procedures and SOPs
• Compliance documentation
• Hands-on experience deploying security technologies in enterprise environments
• Strong understanding of:
• Access control and identity management
• Security logging and monitoring
• Risk management frameworks
• Incident response processes
• Experience supporting audits or regulatory assessments

Preferred Qualifications

• Experience with DoD contractors or Defense Industrial Base (DIB) environments
• Certifications such as:
• CISSP
• CISM
• CISA
• Security
• Certified CMMC Professional (CCP) or Certified CMMC Assessor (CCA)
• Experience with Microsoft GCC High or Azure Government environments
• Familiarity with FedRAMP or DFARS compliance requirements

Technical Skills

• Microsoft 365 Security & Compliance
• Azure AD / Entra ID
• Endpoint security platforms (Defender, CrowdStrike, SentinelOne, etc.)
• SIEM platforms (Microsoft Sentinel, Splunk, etc.)
• Vulnerability management tools
• Secure configuration baselines (CIS Benchmarks/STIGs)

Soft Skills

• Strong documentation and technical writing ability
• Ability to translate regulatory language into technical execution
• Cross-functional collaboration skills
• Project leadership and organizational skills
• Detail-oriented with strong analytical thinking

Education

• Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)

Work Environment

• Hybrid or Remote (depending on organizational needs)
• May require participation in compliance audits and assessment activities

Compensation (Optional Section)

• Competitive salary based on experience
• Performance bonus eligibility
• Benefits package including health, retirement, and professional development support

Pay: $30.00 - $40.00 per hour

Expected hours: 20.0 per week

Work Location: Hybrid remote in Chicago, IL 60644

Salary : $30 - $40