
Copy of Cybersecurity Compliance Analyst – ISO Audit Support

Remote, USA Full-time Posted 2026-05-07
Description

Centex Technologies seeks a skilled Cybersecurity Compliance Analyst to augment ISO audit operations across multiple program enclaves. This hybrid position focuses on pre-audit preparation, evidence gathering, compliance documentation, and collaborative support for organizations pursuing NIST 800-171 and CMMC certification objectives. The ideal candidate will serve as a compliance facilitator, data coordinator, and documentation specialist rather than a traditional system administrator. This role supports mission-critical systems through meticulous attention to compliance frameworks, with particular emphasis on NIST 800-171 requirements and forward integration of COREnet System Security Plans (SSPs) for CMMC inheritance.

Primary Responsibilities

Essential Duties and Responsibilities

System Security Plan (SSP) Development and Documentation (40%)
• Draft, review, and update System Security Plans (SSPs) for multiple program enclaves
• Ensure SSP accuracy, completeness, and alignment with NIST 800-171 requirements
• Support service boundary definition and clarity updates across tenant systems
• Collaborate with technical teams to translate system configurations into compliance documentation
• Maintain version control and change management for SSP documentation

Pre-Audit Evidence Gathering and Coordination (35%)
• Coordinate and facilitate pre-audit evidence collection activities across program teams
• Organize and catalog compliance artifacts, policies, procedures, and technical documentation
• Conduct inventory data collection and validation to meet audit minimum requirements
• Support material build-up tasks including evidence packages, control matrices, and compliance dashboards
• Interface with stakeholders to ensure timely submission of required documentation

Compliance Framework Implementation (15%)
• Support implementation of NIST 800-171 controls across organizational enclaves
• Facilitate integration of COREnet SSPs for CMMC inheritance objectives
• Conduct gap analysis between current state and compliance requirements
• Track remediation activities and maintain compliance status reports
• Support continuous monitoring and ongoing compliance validation activities

Stakeholder Collaboration and Reporting (10%)
• Facilitate compliance workshops, walkthroughs, and coordination meetings
• Provide regular status updates to program managers and compliance leadership
• Support internal and external audit activities as compliance liaison
• Develop and maintain compliance metrics, dashboards, and executive reporting
• Coordinate with Information System Security Officers (ISSOs) and System Owners

Work Environment And Physical Requirements

Work Arrangement
• Hybrid position with flexible remote and on-site requirements

Physical Requirements
• Prolonged periods working at a computer workstation
• Ability to participate in virtual and in-person meetings
• Occasional lifting of equipment or materials up to 20 pounds
• Standard office environment with ergonomic workstation setup

Requirements

Required Qualifications

Education
• Bachelor's degree in Cybersecurity, Information Technology, Information Systems, Business Administration, or related field
• Equivalent combination of education and experience may be considered

Experience
• Minimum 3-5 years of experience in cybersecurity compliance, IT audit, or risk management
• Demonstrated experience with compliance frameworks, preferably NIST 800-171, NIST 800-53, or similar federal standards
• Experience with System Security Plan (SSP) development or documentation
• Proven track record in pre-audit preparation and evidence gathering activities

Technical Knowledge
• Working knowledge of NIST 800-171 security controls and requirements
• Understanding of cybersecurity principles, risk management, and control frameworks
• Familiarity with federal compliance requirements (FISMA, FedRAMP, CMMC, or similar)
• Experience with compliance documentation tools and systems

Skills And Competencies
• Exceptional written and verbal communication skills
• Strong organizational skills with keen attention to detail
• Ability to manage multiple priorities and deadlines simultaneously
• Collaborative mindset with ability to work across technical and non-technical teams
• Proficiency in Microsoft Office Suite, particularly Excel and Word
• Experience with documentation management systems and collaborative platforms

Clearance and Citizenship
• U.S. Citizenship required
• Ability to obtain and maintain required security clearances as needed
• Background check and reference verification required

Preferred Qualifications

Certifications (One or More Highly Desired)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Authorization Professional (CAP)
• Certified CMMC Professional (CCP) or Certified CMMC Assessor (CCA)
• CompTIA Security+
• Certified Internal Auditor (CIA)
• ISO 27001 Lead Auditor or Lead Implementer

Additional Experience
• Direct experience supporting CMMC assessments or certifications
• Experience with COREnet or similar inherited control environments
• Previous work in defense contracting or federal government environments
• Experience with GRC (Governance, Risk, and Compliance) platforms such as Archer, ServiceNow GRC, or similar tools
• Knowledge of DoD supply chain security requirements
