Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

CMMC / NIST Consultant / Analyst

Hotman Group LLC

About the Role


Hotman Group is a boutique cybersecurity and GRC consulting firm doing meaningful work for clients who need GRC done right across the Defense Industrial Base navigating CMMC, NIST 800-171, and federal compliance requirements. We are looking for a mid-level CMMC and NIST practitioner who can step into active client delivery work, produce strong documentation, and help move projects forward without a lot of hand-holding.


This is a contract role that may be structured as part-time or full-time based on project needs and candidate availability.


What You Will Do


As a CMMC / NIST Consultant Analyst at Hotman Group you will contribute directly to active client engagements involving federal compliance frameworks. You will:

  • Support client engagements related to CMMC readiness, implementation, and documentation
  • Develop, update, and maintain System Security Plans
  • Assist with NIST SP 800-171, NIST SP 800-53, and FedRAMP documentation, control mapping, and related deliverables
  • Gather, organize, and review evidence supporting control implementation
  • Support CUI scoping discussions, boundary definition, and enclave design
  • Draft and refine control narratives, policies, procedures, and related compliance documentation
  • Identify gaps and support development of POA&Ms and remediation tracking
  • Work directly with client stakeholders to collect information, validate details, and keep deliverables moving
  • Contribute to readiness efforts tied to assessments, documentation, and ongoing compliance activities
  • Participate in peer review of deliverables before they go to clients - your work will be reviewed and you will review others
This is hands-on delivery work in a remote consulting environment. You will be expected to step into active projects and contribute from day one.


What You Bring
  • 3 to 5 years of relevant experience in GRC, cybersecurity compliance, or related consulting work
  • Hands-on experience with CMMC-related work -- this is required, not a nice to have
  • Direct experience developing or contributing to System Security Plans, evidence collection, remediation documentation, and compliance policies -- also required
  • Familiarity with NIST SP 800-171, NIST SP 800-53, and FedRAMP
  • Strong writing and documentation skills -- your deliverables are clear, accurate, and do not require heavy editing before they go to a client
  • The ability to work directly with client stakeholders, gather information, manage follow-through, and keep work moving
  • Strong organization and professionalism in a client-facing environment
  • Comfort stepping into projects that are already in motion and contributing independently with minimal ramp-up time
  • A default toward communication - you keep the team informed, you acknowledge quickly, and you do not go dark on a deliverable or a client
Experience supporting CMMC Level 2 efforts, CUI scoping, enclaves, or boundary discussions is a strong plus. Familiarity with POA&Ms, assessment readiness, and control crosswalks is also valued.


Active certifications such as CCP, CCA, CISSP, CISM, or CISA are preferred. If you do not currently hold a relevant certification, we expect you to be actively pursuing one.


This role requires direct accountability for work product and outcomes. If your CMMC or NIST experience has been primarily observational or in a support capacity without ownership of documentation or deliverables, this role will be a significant adjustment.


Requirements
  • Permanent authorization to work in the U.S. -- no sponsorship of any kind now or in the future
  • Able to pass a background check
  • Reliable high-speed internet and a secure, private remote workspace

Our Hiring Process


Our process is designed to be straightforward but rigorous. In addition to a written questionnaire and video responses, finalists will complete a practical skills assessment before advancing to a panel interview with our delivery team. The assessment reflects the type of work you will do on active client engagements. If you are confident in your CMMC and NIST expertise, this is your opportunity to show it.


Why Hotman Group


At Hotman Group we are not just another consulting firm. You will work alongside people who care about the craft and push each other to do better. No politics, no silos, no hierarchy between you and the people making decisions.


You will touch more GRC frameworks, more industries, and more client situations in one year here than most practitioners see in five. You will grow because the work demands it.


The clients you serve will actually notice your work. You are not a number on a headcount. Your name is on the deliverable.


If you want to do real GRC work, get better at it every day, and work with a team that holds itself to a high standard - this is the place.


No phone calls or emails please.
Vacancy posted 5 days ago
Similar jobs that could be interesting for youBased on the CMMC / NIST Consultant / Analyst in United States vacancy
  •  ...Hotman Group is seeking a CMMC / NIST Consultant / Analyst to support client projects involving CMMC, SSP development, NIST SP 800-171, NIST SP 800-53, FedRAMP, evidence collection, control documentation, and remediation tracking. This is a contract role that may be structured... 
    Suggested
    Full time
    Contract work
    Part time
    Remote work

    Remote Jobs

    New York, NY
    1 day ago
  • A cybersecurity consultancy is seeking a CMMC / NIST Consultant / Analyst to support projects involving CMMC readiness and NIST documentation. This role requires 3-5 years of experience in cybersecurity compliance and strong documentation skills. Ideal candidates will work... 
    Suggested
    Remote job
    Full time
    Contract work
    Part time

    Remote Jobs

    New York, NY
    2 days ago
  •  ...is hiring a Governance, Risk and Compliance Analyst in Boston. This hybrid role involves supporting compliance initiatives and NIST frameworks in government and higher education...  ...2-4 years of experience, and proficiency in CMMC. Responsibilities include conducting risk... 
    Suggested

    Northeastern University

    Boston, MA
    5 days ago
  • $125k

    The University of Texas at Austin is seeking a Cybersecurity GRC Analyst to enhance their governance, risk, and compliance activities. This role focuses on compliance frameworks such as NIST and CMMC, supporting secure research practices. The ideal candidate should have... 
    Suggested
    Remote job

    The University of Texas at Austin

    Austin, TX
    1 day ago
  •  ...headquartered in Cambridge, MA, is looking for a Cybersecurity Risk Analyst. This position involves managing unclassified information system risks and compliance, focusing on frameworks like NIST and CMMC. The ideal candidate will provide technical guidance, perform risk... 
    Suggested
    Flexible hours

    Draper

    Boston, MA
    2 days ago
  •  ...A leading consulting firm in Wakefield is looking for an experienced Information Security Analyst. You will lead the design, implementation, and management of the information...  ...program, ensuring compliance with NIST, CMMC, and SOC-2 frameworks. The successful candidate... 

    GEI Consultants

    Wakefield, MA
    5 days ago
  •  ...all applications and next steps. Our partner is looking for a CMMC Senior Consultant (Cybersecurity Maturity Model Certification) based in the...  ...architectures, and remediation strategies aligned with CMMC, NIST SP 800-171, and applicable regulatory requirements. Collaborate... 
    Remote job
    Full time
    Work from home
    Visa sponsorship

    jobgether

    United States
    10 hours ago
  • Draper Labs in Cambridge, MA is seeking a Cybersecurity Risk Analyst to join their Cybersecurity Risk Management team. The analyst will...  ...compliance efforts, applying regulatory requirements including DFARS and CMMC to unclassified computing environments. This role includes... 

    Draper Labs

    Cambridge, MA
    5 days ago
  •  ...increasingly stringent cybersecurity requirements — especially under CMMC and NIST 800-171. These requirements are complex, resource-intensive,...  ...or federal contracting environments Prior experience in a consulting, advisory, or in‑house compliance leadership role Bachelor’s... 
    Full time
    Flexible hours

    Koop

    New York, NY
    2 days ago
  •  ...customers’ business. About the Role As a GRC Consultant at Network Coverage, you will be part of...  ..., under the guidance of the Director of CMMC Compliance and Chief Advisory Officer....  ...Familiarity with regulatory frameworks such as NIST/CMMC, ISO 27001, HIPAA/Hitech, GDPR are a... 
    Remote job
    Work at office
    Overseas
    Flexible hours
    Shift work

    NetCov

    New York, NY
    2 days ago
  • $115k - $145k

     ...seeking a hands‑on technical leader for CMMC Business Analyst to maintain and continuously improve...  ...Responsibilities Risk Assessment - mapping CMMC and NIST 800‑171 controls to application...  .... Previous C3PAO, assessment, or consultancy experience. CISSP (Certified... 
    For contractors

    Zone 5 Technologies

    California, MO
    1 day ago
  • $20 per hour

     ...Employees should apply within Workday through the Jobs Hub appThe CMMC Compliance Support Specialist supports organizational efforts to...  ...Maturity Model Certification (CMMC) Level 2 requirements and associated NIST SP 800-171 controls. The ideal candidate possesses excellent... 
    Hourly pay
    Full time
    Work at office

    University-System-of-New-Hampshir

    Durham, NH
    5 days ago
  • Neier Inc. in Houston is looking for a Senior GRC Analyst with extensive expertise in DoD and federal compliance, especially CMMC 2.0 Level 2 and FISMA. The role involves implementing and validating NIST controls, preparing for audits, and collaborating with various teams... 

    Neier Inc.

    Houston, TX
    3 days ago
  •  ...Collaborative Solutions, LLC is seeking an Analyst Consultant to join their Workday team in Manila, offering a remote working setup. The position involves supporting Workday HCM projects, providing subject matter expertise, and ensuring client satisfaction through effective... 
    Remote work

    Collaborative Solutions

    Manila, UT
    5 days ago
  • An established industry player is seeking a CMMC Consultant to lead efforts in achieving compliance with the latest cybersecurity standards. This part-time position is perfect for an expert with a strong background in CMMC implementation and IT security. You will assess... 
    Remote job
    Part time

    Tenacious Solutions, LLC

    Arlington, VA
    1 day ago
  •  ...Senior Consultant - Epic Him Analyst Make a difference. Be happy. Grow your career. A Nordic consultant is more than just an Epic expert. Our analysts take ownership for their work and the greater success of the organization. We're also looking for someone who listens... 
    Work experience placement
    Work at office
    Local area
    Remote work
    Night shift
    Weekday work

    Nordic

    United States
    3 days ago
  • $105k - $135k

    Overview MoFo is a destination law firm for talented, ambitious practitioners who value collaboration, teamwork, and commitment to excellence. We are known around the world not only for delivering innovative yet practical client service but also for serving as an incubator...
    Work at office

    Morrison Inc

    San Francisco, CA
    4 days ago
  • Overview Our client is a stable, global firm currently underway in a large transformation to Workday HCM. This role is central to the team, and requires strong Functional Workday HCM skillset . Responsibilities Lead requirements discovery and analysis for enterprise HCM...

    Cloud Talent

    Austin, TX
    3 days ago
  • $85k - $110k

     ...Junior Consultant/Analyst We are seeking a motivated and detail-oriented Junior Consultant/Analyst to support the United States Coast Guard (USCG) Office of Intelligence, Surveillance, and Reconnaissance (ISR) Systems and Technology. This entry-level role involves... 
    Work at office

    C.P. MARINE, INC.

    Washington DC
    1 day ago
  •  ...Overview Join to apply for the Senior Consultant - Interface Analyst - Remote role at Nordic Global . A Nordic consultant is more than just an Epic expert. Our analysts take ownership for their work and the greater success of the organization. We’re also looking for someone... 
    Full time
    Contract work
    Local area
    Remote work

    Nordic Global

    New York, NY
    2 days ago
  • $97.22k - $143.71k

     ...Senior Consultant Data Analyst Arlington, Virginia, United States, Remote Excella is a transformative technology firm that helps organizations unlock new possibilities. We believe the key to helping clients challenge the status quo and reach new heights lies in our... 
    Remote work
    Work from home
    Home office
    Flexible hours

    Excella Consulting

    United States
    4 days ago
  •  ...Description Ariento is seeking a Senior Consultant to join our Advisory and Consulting Team...  ...Cybersecurity Maturity Model Certification (CMMC) Subject Matter Expert (SME). This role...  ...compliance with CMMC, DFARS 252.204-7012, NIST SP 00-171, and FedRAMP Conduct... 

    Ariento Inc

    Franklin, TN
    13 days ago
  • $105k - $135k

     ...Entry Level Life Sciences Patent Agent or Scientific Analyst Join to apply for the Entry Level Life Sciences Patent Agent or Scientific Analyst role at Morrison Foerster . Who We Are MoFo is a destination law firm for talented, ambitious practitioners who... 
    Full time
    Work at office
    Worldwide
    Flexible hours

    Morrison Foerster

    San Francisco, CA
    5 days ago
  • CMMC IT Level 2 Implementation Specialist Consultant Triton combines 30+ years of experience with exciting growth and innovation opportunities within the product development and R&D space. We support Government and commercial markets by delivering advanced solutions across... 

    Triton Systems, Inc.

    Chelmsford, MA
    4 days ago
  •  ...performance review promptly. Provides training and coaching to Analysts as directed and assumes responsibility for reviewing the...  ...work experience required (4 years' experience preferred) for Consultant level Certificates, Licenses, and Registrations: For Analyst... 
    Apprenticeship
    Work experience placement

    Urban Science International Gmbh

    Plano, TX
    1 day ago
  • A consulting firm is seeking a Senior Consultant to provide Epic-related consulting services. This role involves tackling tough projects with clients, applying technical expertise to improve systems, and mentoring project teams. Candidates must have at least 3 years of... 
    Remote work

    Remote Jobs

    New York, NY
    2 days ago
  • The Planet Group is seeking a Certified Epic Willow Inpatient Analyst Consultant for a 6-month fully remote contract focused on Epic pharmacy systems support. This role involves maintaining and optimizing Epic Willow Inpatient workflows, collaborating with clinical and... 
    Remote job
    Contract work

    The Planet Group

    New York, NY
    4 days ago
  • Make a difference. Be happy. Grow your career. A Nordic consultant is more than just an Epic expert. Our analysts take ownership for their work and the greater success of the organization. We're also looking for someone who listens to the client and understands that each... 
    Contract work
    Work experience placement
    Local area
    Remote work

    Remote Jobs

    New York, NY
    2 days ago
  • Our client, a leader in critical infrastructure and security solutions, is seeking a dedicated and experienced Senior SOC Consultant Analyst to join their dynamic team. As a Senior SOC Consultant Analyst, you will be instrumental in supporting both IT and OT security operations... 
    Weekly pay
    Contract work
    Temporary work
    Remote work
    Flexible hours

    ManpowerGroup

    New York, NY
    2 days ago
  •  ...Communicates as much information as possible to customers, including reasons for problems, project status, and deadlines. Acts as a valued consultant and resource to customers. Responsible for establishing and maintaining effective communication, coordination and working... 
    Full time

    Cutek LLC

    Murrieta, CA
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to CMMC / NIST Consultant / Analyst. Be the first to apply!