CMMC / NIST Consultant, Analyst

Job not on LinkedIn

🕒 May 15

🤠 Texas – Remote

🤠 Texas – Remote

⏳ Contract/Temporary

🟡 Mid-level

🟠 Senior

🧐 Analyst

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Hotman Group, LLC

WebsiteLinkedInAll Job Openings

1 - 10 employees

Founded 2016

🔒 Cybersecurity

📋 Compliance

🤝 B2B

Cybersecurity • Compliance • B2B

Hotman Group, LLC is a leading provider of comprehensive cybersecurity and governance, risk, and compliance (GRC) services. The company assists business leaders in enhancing client trust by offering robust cybersecurity strategies and addressing GRC challenges. Hotman Group specializes in developing cybersecurity strategies, executing one-time projects, and augmenting staff. The firm helps businesses unify risk, compliance, and security in a sustainable manner, ensuring readiness for audits, and establishing business continuity plans. By focusing on both technology and the necessary human elements, Hotman Group aims to protect businesses fully and strategically align them with security compliance frameworks such as SOC 2 and NIST CSF.

📋 Description

• Support client engagements related to CMMC readiness, implementation, and documentation • Develop, update, and maintain System Security Plans • Assist with NIST SP 800-171, NIST SP 800-53, and FedRAMP documentation, control mapping, and related deliverables • Gather, organize, and review evidence supporting control implementation • Support CUI scoping discussions, boundary definition, and enclave design • Draft and refine control narratives, policies, procedures, and related compliance documentation • Identify gaps and support development of POA&Ms and remediation tracking • Work directly with client stakeholders to collect information, validate details, and keep deliverables moving • Contribute to readiness efforts tied to assessments, documentation, and ongoing compliance activities • Participate in peer review of deliverables before they go to clients — your work will be reviewed and you will review others

🎯 Requirements

• 3 to 5 years of relevant experience in GRC, cybersecurity compliance, or related consulting work • Hands-on experience with CMMC-related work -- this is required, not a nice to have • Direct experience developing or contributing to System Security Plans, evidence collection, remediation documentation, and compliance policies -- also required • Familiarity with NIST SP 800-171, NIST SP 800-53, and FedRAMP • Strong writing and documentation skills -- your deliverables are clear, accurate, and do not require heavy editing before they go to a client • The ability to work directly with client stakeholders, gather information, manage follow-through, and keep work moving • Strong organization and professionalism in a client-facing environment • Comfort stepping into projects that are already in motion and contributing independently with minimal ramp-up time • A default toward communication — you keep the team informed, you acknowledge quickly, and you do not go dark on a deliverable or a client • Experience supporting CMMC Level 2 efforts, CUI scoping, enclaves, or boundary discussions is a strong plus. • Familiarity with POA&Ms, assessment readiness, and control crosswalks is also valued. • Active certifications such as CCP, CCA, CISSP, CISM, or CISA are preferred. If you do not currently hold a relevant certification, we expect you to be actively pursuing one. • Permanent authorization to work in the U.S. -- no sponsorship of any kind now or in the future. • Able to pass a background check

🏖️ Benefits

• Reliable high-speed internet and a secure, private remote workspace