CMMC Compliance Analyst (Remote, US)
WFA Digital Insight
The remote job market is witnessing a surge in demand for skilled compliance professionals, with a 25% increase in job postings over the past year. The CMMC Compliance Analyst role at Lumen is particularly interesting, as it requires a unique blend of technical expertise and attention to detail. With the growing need for secure connectivity solutions, Lumen is at the forefront of innovation, and this role offers a chance to work with a trusted network. Before applying, candidates should be aware of the evolving CMMC requirements and have a strong understanding of NIST SP 800-171 controls.
Job Description
About the Role
The CMMC Compliance Analyst plays a critical role in ensuring the security and integrity of Lumen's systems and data. As a key member of the security team, this individual will be responsible for managing all phases of security integration, from initial setup to ongoing monitoring and compliance. The role involves working closely with various stakeholders, including government program security officers, information systems security counterparts, and internal clients.
The CMMC Compliance Analyst will be responsible for developing and maintaining standard operating procedures, fixed facility checklists, and systems security plans in accordance with relevant regulations and guidelines. This will require a deep understanding of security principles, as well as the ability to communicate complex concepts to both technical and non-technical stakeholders.
Lumen is a trusted network for the AI-powered world, connecting people, data, and applications through its expansive fiber network and connected ecosystem. As a CMMC Compliance Analyst, you will be part of a team that enables secure, high-performance connectivity across cloud, edge, and AI workloads for enterprises, governments, and communities.
What You Will Do
- Execute continuous monitoring activities across a CMMC L2 enclave, ensuring ongoing compliance with NIST SP 800-171 controls
- Maintain audit-ready evidence repositories, including policies, procedures, and technical artifacts
- Perform periodic control assessments, validation, and remediation tracking
- Support POA&M management, including identification, documentation, and closure of findings
- Leverage GRC tools to manage controls, track compliance status, and maintain evidence
- Collaborate with system owners, engineers, and ISSOs to ensure proper control implementation and sustainment
- Prepare for and support C3PAO assessments, surveillance reviews, and re-certification activities
- Track and report compliance status, risks, and metrics to leadership
- Assist in updating SSPs, network diagrams, data flow diagrams, and supporting documentation
What We Are Looking For
- CMMC Registered Practitioner Advanced (RPA) certification
- CMMC Certified Professional (CCP) certification within the first six months
- Demonstrated experience supporting a successful CMMC Level 2 C3PAO assessment
- Experience with continuous monitoring, audit preparation, and compliance documentation
- Strong working knowledge of NIST SP 800-171 controls and assessment objectives
- Working knowledge of FAR, DFARS, and CMMC-related cybersecurity and contracting requirements for Defense Industrial Base contractors
- Familiarity with evolving CMMC requirements
- Ability to work in a structured, compliance-driven environment with strong attention to detail
Nice to Have
- CMMC Certified Assessor (CCA) certification
- Experience supporting FedRAMP Moderate or High ATO environments
- Hands-on experience using GRC tools such as ServiceNow IRM, Diligent, Archer, or similar platforms
- Understanding of cloud environments (Azure Gov, AWS GovCloud) in regulated enclaves
Benefits and Perks
- Competitive salary and benefits package
- Opportunity to work with a trusted network in the AI-powered world
- Collaborative and dynamic work environment
- Professional development and certification opportunities
- Flexible remote work arrangements
- Access to cutting-edge technology and tools
- Comprehensive health insurance and wellness programs
- Generous PTO and holiday schedule
- Remote work stipend and home office setup support
How to Stand Out
- Develop a strong understanding of CMMC requirements and NIST SP 800-171 controls to stand out in the application process.
- Familiarize yourself with GRC tools and platforms to demonstrate your ability to manage controls and track compliance status.
- Highlight your experience with continuous monitoring, audit preparation, and compliance documentation to showcase your expertise.
- Be prepared to provide specific examples of your experience supporting CMMC assessments and compliance activities.
- Research Lumen's company culture and values to demonstrate your fit with the organization and its mission.
- Prepare to discuss your ability to work in a structured, compliance-driven environment and your attention to detail.
- Consider obtaining CMMC certifications, such as RPA or CCP, to enhance your credentials and competitiveness.
This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.