CMMC Compliance Consultant Job at Agile IT, San Diego, CA

cXZqekFLTTBlenU3d1pFVi85VWJFalphc3c9PQ==
  • Agile IT
  • San Diego, CA

Job Description



Agile IT is a Microsoft AOS-G partner and Cyber AB Registered Practitioner Organization (RPO) built for the Defense Industrial Base. As one of six original AOS-G resellers for GCC High and a C3PAO candidate, we help defense contractors meet CMMC compliance and operate securely in Microsoft cloud environments. Our customers build fighter jet components, naval propulsion systems, satellite payloads, and aerospace platforms that support the Department of War. We make sure their Microsoft environments are ready for the job.

We are in a high-growth phase, and we are stacking the team to match. The next chapter is a compliance-oriented MSP, purpose-built for the regulated workloads our customers run. We are hiring the people who will build it.

Job Description



The CMMC Compliance Consultant is the subject matter expert who carries DIB clients through the full CMMC lifecycle. You own engagements end to end, from initial gap assessment through assessor-ready documentation, and you are the technical authority clients lean on when the requirements get hard.

This is practitioner-level work. You scope CUI environments, build the SSPs and POA&Ms an assessor will actually accept, and translate dense regulatory language into guidance a client can act on. You sit in pre-sales calls and executive readouts, you mentor the junior consultants coming up behind you, and you help sharpen the methodology the whole practice runs on. Active CCP and CCA credentials are non-negotiable for this role.

What You'll Own

Assessment and Advisory. Lead and execute CMMC Level 2 gap assessments against all 110 NIST SP 800-171 Rev 2 practices across the 14 control domains. Conduct readiness reviews and deliver findings with prioritized remediation roadmaps.

Assessor-Ready Documentation. Author and maintain SSPs, POA&Ms, policies, procedures, and implementation narratives using the NIST SP 800-171A examine, test, and interview methodology. Build CMMC-scoped network diagrams, data flow diagrams, and CUI boundary documentation.

CUI Environment Scoping. Evaluate client environments scoped to CUI systems, including Microsoft 365 GCC and GCC High, Intune and Microsoft Defender for Endpoint, and specialized platforms such as PreVeil.

Client Engagement. Serve as the primary technical point of contact for assigned DIB accounts across the compliance lifecycle. Facilitate interviews with client staff to validate controls and gather evidence, and present status and executive readouts with clarity.

GRC Platform Integrity. Own data integrity in the GRC platform (e.g., IntelliGRC) for SSP management, POA&M tracking, and evidence management.

Practice Development. Improve internal CMMC methodologies, templates, and tooling. Mentor junior consultants, and track CMMC Program rule changes (32 CFR Part 170, DFARS 252.204-7021) and Cyber AB guidance updates so the practice stays current.

Qualifications



Required

  • Active CMMC Certified Professional (CCP) credential in good standing with the Cyber AB
  • Active CMMC Certified Assessor (CCA) credential in good standing with the Cyber AB
  • Minimum 5 years of progressive IT experience, with at least 2 years focused on cybersecurity
  • Minimum 1 year of direct CMMC, DFARS 252.204-7012/7021, NIST SP 800-171, or other compliance consulting experience
  • Demonstrated expertise scoping CUI environments and applying NIST SP 800-171 Rev 2 across all 14 control families
  • Hands-on experience with Microsoft 365 Commercial, GCC, and/or GCC High environments in a CMMC compliance context
  • Working knowledge of Azure Sentinel, Microsoft Defender for Endpoint (MDE), and Intune within CMMC-scoped environments
  • Strong proficiency writing SSP implementation narratives, NIST 800-171A-aligned assessment procedures, and POA&M documentation
  • Familiarity with FedRAMP Moderate authorization requirements and cloud service provider boundary scoping
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a closely related field

Preferred

  • Experience with PreVeil, Lifeline, or other CUI-designated encrypted collaboration platforms
  • Experience supporting multi-site CMMC Level 2 assessments in manufacturing, defense electronics, or aerospace sectors
  • Prior experience as a C3PAO team member on an assessment
  • Experience with GRC platforms such as IntelliGRC or equivalent

 

Additional Information



Additional Information

  • Department: Compliance
  • Reports to the Lead CMMC Compliance Manager
  • Full-time, fully remote

Agile IT runs on its RISE values: Reliability, Integrity, Stewardship, and Excellence. We hire people who live them.

Job Tags

Full time, For contractors, Remote work

Similar Jobs

Greystar

Investment Analyst Job at Greystar

 ...offering expertise in property management, investment management, development, and...  .... JOB DESCRIPTION SUMMARY The Analyst is responsible for supporting the Investment...  ...Notice: Greystar will never request your banking details or other sensitive personal information... 

ndimensions labs

AI Intern - Robotics Job at ndimensions labs

 ...multimodal data and improve through iterative fine-tuning, evaluation, and feedback. The Role We are looking for a motivated AI Intern to join our AI team for the summer. You will work directly alongside researchers and engineers on core problems in robotics AI,... 

DeLanco, Incorporated

Class A DRIVERS NEEDED ASAP FOR FEDEX CONTRACTOR. HOME NIGHTLY. 1100.00 PER WEEK. IMMEDIATE HIRE. Job at DeLanco, Incorporated

Class A DRIVERS NEEDED ASAP FOR FEDEX CONTRACTOR. HOME NIGHTLY. 1100.00 PER WEEK. IMMEDIATE HIRE.FedEx Ground contractor is looking to hire two full time drivers immediately. Position requires class A CDL with one year driving experience in a tractor trailer.100% Drop... 

Studio Link-Arc, LLC

Summer Intern Job at Studio Link-Arc, LLC

JOB DESCRIPTION:Based in New York City, Studio Link-Arc, LLC is an international team of architects and designers. Our name, Link-Arc, refers to our collaborative nature and our mission, which is to work across disciplines to create strategy and design in the fields of... 

Corning

Project Controls Engineer Job at Corning

 ...communication networks sold to businesses, governments and individuals for their own use. Role Summary We are seeking a Project Controls Engineer to support equipment construction, installation, debugging, and startup at domestic and international sites. This role...