What are the responsibilities and job description for the Cybersecurity Compliance Specialist (vCM) position at DOT Security?
DOT Security’s mission is to improve the security posture of client organizations by providing detection, response, risk management, and compliance services as identified and required. DOT Security will implement processes, technology, and subject matter expert personnel to monitor and respond to client needs in the cybersecurity and compliance space. Working with client organizations, DOT Security will continuously measure and improve internal processes and technology, which will translate to improved services provided to the client.
DOT Security is seeking a Virtual Compliance Manager (vCM) to perform point-in-time gap analyses and provide ongoing advisory support to clients, ensuring adherence to regulatory compliance requirements, with a primary focus on CMMC standards and certification readiness. This role requires monitoring state and federal regulations, collaborating with client stakeholders, and proactively modifying compliance programs to address new regulatory standards as they take effect.
The vCM is not a remote position. The vCM is required to be on-site at DOT Security's Security Operations Center.
Responsibilities
- Client Strategy & Risk Management (50%):
  - Develop a vision and roadmap for client compliance controls, processes, and risk management, particularly focused on achieving and maintaining CMMC certification.
  - Act as the primary contact for client resources regarding reported compliance violations or gaps related to CMMC requirements.
  - Facilitate resource allocation for effective compliance policy implementation.
  - Build and maintain strong client relationships, providing exceptional service and support.
- Gap Analysis (30%):
  - Perform periodic gap analyses and ongoing compliance monitoring for client organizations.
  - Track client compliance documents and support the filing of compliance reports as needed.
  - Remain up-to-date on compliance laws, rules, and regulations, and inform clients about changes.
  - Support external auditors and authorities with compliance reviews and investigations.
- Professional Development & Administrative Tasks (20%):
  - Stay informed on advancements in technology and their implications for cybersecurity.
  - Contribute to the development and implementation of written compliance policies and procedures.
  - Demonstrate critical thinking, active listening, and effective problem-solving skills in a dynamic environment.
Things We Are Looking For
- Bachelor’s degree in a relevant field (Business, Information Technology, Cybersecurity, or related discipline).
- Relevant work experience in managed services or compliance-focused roles.
- Knowledge of compliance frameworks such as CMMC, CIS Controls, NIST CSF, and MITRE ATT&CK.
- Strong understanding of:
  - Risk assessment methodologies, scoring, and mitigation strategies.
  - Supply chain risk management standards and practices.
  - Cybersecurity principles, including system resiliency, redundancy, and disaster recovery concepts.
- Proven ability to write, review, and implement policies, processes, and procedures.
- Excellent communication skills, with the ability to explain technical concepts to non-technical audiences.
Other Desired Attributes
- Public Trust background check (Limited Requirement)
- Relevant work experience in managed services industry
- Cyber community participation (conferences/groups/tool authoring/CTFs)
- Familiarity with at least one scripting language (Perl/Python/PowerShell)
- Understanding of CIS Controls, NIST CSF, MITRE ATT&CK, and OWASP
- Certifications such as CMMC-AB Registered Practitioner, MGRC, GRCP, or CRISC
Benefits
- Expected salary range of $100,000-$120,000
- 20 days of PTO
- 12 paid holidays
- Flexible Sick Day Policy
- Paid Parental Leave
- Comprehensive Health, Disability, Life, Dental and Vision Plans
- 401(k) discretionary match & retirement plans
- Continued education reimbursement
- Ongoing training & development opportunities
Salary: $100,000 - $120,000