GRC Ananlyst

Job Description:

Experienced Governance, Risk, and Compliance (GRC) professional with demonstrated expertise supporting and advancing Cybersecurity Maturity Model Certification (CMMC) Level 2 compliance programs within Department of Defense (DoD) contractor environments. Skilled in applying NIST SP 800- 171 requirements, conducting compliance assessments, managing cybersecurity governance initiatives, and collaborating with both technical and business stakeholders to strengthen organizational security posture. Proven ability to work independently in hybrid environments while supporting ongoing compliance, risk management, and audit readiness efforts.
Primary responsibilities include but are not limited to the following:
Key Responsibilities:

• Lead and support CMMC Level 2 compliance readiness activities
• Assess current cybersecurity controls against NIST SP 800-171 and CMMC Level 2 requirements Review and update System Security Plans (SSPs), POA&Ms, policies, standards, and procedures Coordinate evidence collection and documentation for compliance validation
• Work with IT, Security, Operations, and leadership teams to remediate compliance gaps
• Support implementation and tracking security controls across technical and administrative domains
• Conduct risk assessments and provide remediation recommendations
• Assist with internal audits, mock assessments, and third-party assessment preparation
• Advise leadership on compliance posture, risks, and priorities
• Support ongoing governance and compliance reporting activities
• Help establish sustainable compliance processes and operational maturity
Additional Duties as Assigned:

• Will perform relevant additional duties as assigned.
Qualifications and Experience:
Required Qualifications:

• 7+ years of experience in Governance, Risk, and Compliance (GRC)
• Demonstrated experience with:
o CMMC Level 2 o NIST SP 800-171
• Experience preparing organizations for CMMC assessments or audits
• Strong understanding of cybersecurity governance frameworks and security controls Experience developing and maintaining:
o SSPs o POA&Ms of 3 o Policies and procedures o Risk registers
• Ability to work independently with minimal oversight
• Strong written and verbal communication skills
• Experience collaborating with technical and executive stakeholders Preferred Qualifications:

• CMMC Certified Professional (CCP) or Certified Assessor (CCA)
• CISSP, CISA, CRISC, or similar certifications
• Experience supporting hybrid or Azure-based environments Familiarity with government or defense industry operations
• Experience with security tooling, vulnerability management, or audit platforms Desired Attributes
• Self-starter with strong organizational skills
• Practical, solutions-oriented mindset
• Ability to balance compliance requirements with operational realities Detail- oriented with strong documentation discipline
• Comfortable operating in fast-paced environments
Working Conditions and Physical Demands
• Part-time position operating in a hybrid work environment with both onsite and remote work requirements.
• Work is primarily performed in a professional office setting with prolonged periods of sitting, computer use, and virtual collaboration.
• Position requires frequent use of computers, multiple software platforms, and secure information systems to review, analyze, and maintain compliance documentation and cybersecurity records.
• May require participation in meetings, audits, assessments, and collaborative sessions with internal stakeholders, external assessors, customers, or government representatives.
• Employee must be able to maintain confidentiality and appropriately handle sensitive, proprietary, export-controlled, and government-related information.
• Occasional schedule flexibility may be required to support compliance deadlines, audit activities, remediation efforts, or operational requirements.
• Minimal travel may be required in support of onsite assessments, meetings, or customer requirements. Must be able to obtain and maintain any required credentials, access authorizations, or security clearances associated with the position. M1 Support Services, headquartered in Westlake, Texas provides a variety of professional, technical, and maintenance services to the Department of Defense and government agencies.
M1 Support Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to disability, or veteran status.
M1 Support Services offers a comprehensive benefits package including several options for Medical, Dental, Vision, Life and Dependent Life, AD&D, Short-and Long-term Disability. We also offer Flexible Spending Accounts for qualified health and dependent care expenses, as well as a free Employee Assistance Program. Page 3 of 3

Job Ident #: 114128

Company Details

M1 Support Services

1500 Solana Blvd
Suite 5200
Westlake, Texas 76262 USA
www.m1services.com

M1 Support Services, headquartered in Westlake, Texas, provides a variety of professional and technical services, including aviation services, to the Department of Defense and government agencies.

Benefits:
Comprehensive benefits package including Medical, Dental, Vision, Life and Dependent Life, AD&D and Dependent AD&D, Short-Term and Long-Term Disability. We also offer Flexible Spending Accounts for qualified health and dependent care expenses, which provide tax savings, as well as a free Employee Assistance Program.

Supported Manufacturers:
Lockheed Martin, General Dynamics, McDonnell Douglas

Supported Models:
F-22, F-35, A-10, F-15, F-16, C-12, UH-1, H-60, LUH-72, AH-64, CH-47, B-1B

(Job and company information not to be copied, shared, scraped, or otherwise disseminated/distributed without explicit consent of JSfirm, LLC)

Job Info

Location

Westlake, Texas, United States

Type

Permanent

Salary Range

$75.00

Company Details

M1 Support Services

1500 Solana Blvd
Suite 5200
Westlake, Texas 76262 USA
www.m1services.com