CMMC / NIST Consultant / Analyst Job at Hotman Group, Remote

ZkZqWWk3cnZIdWR3SFcycEhFcVRDakwyNmc9PQ==
  • Hotman Group
  • Remote

Job Description

About the Role  

Hotman Group is a boutique cybersecurity and GRC consulting firm doing meaningful work for clients who need GRC done right across the Defense Industrial Base navigating CMMC, NIST 800-171, and federal compliance requirements. We are looking for a mid-level CMMC and NIST practitioner who can step into active client delivery work, produce strong documentation, and help move projects forward without a lot of hand-holding. 

This is a contract role that may be structured as part-time or full-time based on project needs and candidate availability. 

What You Will Do  

As a CMMC / NIST Consultant Analyst at Hotman Group you will contribute directly to active client engagements involving federal compliance frameworks. You will: 

  • Support client engagements related to CMMC readiness, implementation, and documentation 
  • Develop, update, and maintain System Security Plans 
  • Assist with NIST SP 800-171, NIST SP 800-53, and FedRAMP documentation, control mapping, and related deliverables 
  • Gather, organize, and review evidence supporting control implementation 
  • Support CUI scoping discussions, boundary definition, and enclave design 
  • Draft and refine control narratives, policies, procedures, and related compliance documentation 
  • Identify gaps and support development of POA&Ms and remediation tracking 
  • Work directly with client stakeholders to collect information, validate details, and keep deliverables moving 
  • Contribute to readiness efforts tied to assessments, documentation, and ongoing compliance activities 
  • Participate in peer review of deliverables before they go to clients — your work will be reviewed and you will review others 

This is hands-on delivery work in a remote consulting environment. You will be expected to step into active projects and contribute from day one. 

What You Bring  

  • 3 to 5 years of relevant experience in GRC, cybersecurity compliance, or related consulting work 
  • Hands-on experience with CMMC-related work -- this is required, not a nice to have 
  • Direct experience developing or contributing to System Security Plans, evidence collection, remediation documentation, and compliance policies -- also required 
  • Familiarity with NIST SP 800-171, NIST SP 800-53, and FedRAMP 
  • Strong writing and documentation skills -- your deliverables are clear, accurate, and do not require heavy editing before they go to a client 
  • The ability to work directly with client stakeholders, gather information, manage follow-through, and keep work moving 
  • Strong organization and professionalism in a client-facing environment 
  • Comfort stepping into projects that are already in motion and contributing independently with minimal ramp-up time 
  • A default toward communication — you keep the team informed, you acknowledge quickly, and you do not go dark on a deliverable or a client 

Experience supporting CMMC Level 2 efforts, CUI scoping, enclaves, or boundary discussions is a strong plus. Familiarity with POA&Ms, assessment readiness, and control crosswalks is also valued. 

Active certifications such as CCP, CCA, CISSP, CISM, or CISA are preferred. If you do not currently hold a relevant certification, we expect you to be actively pursuing one. 

This role requires direct accountability for work product and outcomes. If your CMMC or NIST experience has been primarily observational or in a support capacity without ownership of documentation or deliverables, this role will be a significant adjustment. 

Requirements  

  • Permanent authorization to work in the U.S. -- no sponsorship of any kind now or in the future 
  • Able to pass a background check 
  • Reliable high-speed internet and a secure, private remote workspace 

Our Hiring Process  

Our process is designed to be straightforward but rigorous. In addition to a written questionnaire and video responses, finalists will complete a practical skills assessment before advancing to a panel interview with our delivery team. The assessment reflects the type of work you will do on active client engagements. If you are confident in your CMMC and NIST expertise, this is your opportunity to show it. 

Why Hotman Group  

At Hotman Group we are not just another consulting firm. You will work alongside people who care about the craft and push each other to do better. No politics, no silos, no hierarchy between you and the people making decisions. 

You will touch more GRC frameworks, more industries, and more client situations in one year here than most practitioners see in five. You will grow because the work demands it. 

The clients you serve will actually notice your work. You are not a number on a headcount. Your name is on the deliverable. 

If you want to do real GRC work, get better at it every day, and work with a team that holds itself to a high standard — this is the place. 

No phone calls or emails please. 

Job Tags

Permanent employment, Full time, Contract work, Part time

Similar Jobs

Advanced Sciences and Technologies (AS&T)

Air Traffic Control Specialist Job at Advanced Sciences and Technologies (AS&T)

 ...Duties to be performed: Provides support to the William J. Hughes Technical Center on site though their past Air Traffic Control subject matter expertise. Must be familiar with Terminal Automation products. Support provides the T&E of ATC automation systems used... 

AdNet AccountNet, Inc.

Physician Medical Reviewer for Reasonable Accommodations Program Job at AdNet AccountNet, Inc.

 ...people with the ongoing demands of the workplace by providing high-quality staffing and executive search services. Position: Medical Reviewer for Reasonable Accommodations (RA) Program Purpose: Provide independent medical documentation review and functional... 

NavitasPartners

X-Ray Technician Radiologic Technologist - Travel Contract (Temp-to-Hire) Job at NavitasPartners

 ...X-Ray Technician / Radiologic Technologist Travel Contract (Temp-to-Hire) Location: New York NY 10002 Weekly Pay: $2800 $3143 Schedule: Day Shift Monday Friday 08:00 AM 05:00 PM Duration: 9 Weeks (Temp-to-Hire) Hours: 40 Hours per Week Job Overview... 

SR Global Security

Roving Security Supervisor Job at SR Global Security

 ...As a Security Officer at SR Global Security, you will play a crucial role in protecting our clients, their assets, and their employees...  ...procedures with other staff members Requirements: - Current Guard Card - High school diploma or GED equivalent, supplemented by... 

Premier Tech Inc

Desktop Support Analyst Job at Premier Tech Inc

 ...Desktop Support Analyst Consultant Kansas City, MO | Full-Time | 12-Month Contract | Hybrid (after onboarding) Responsibilities Provide Tier 2 end-user support across Windows, MacOS, laptops, PC hardware, Office 365, VMware VDI, Active Directory, SCCM, MFPs...