Senior Cybersecurity Analyst – CMMC & DoD Compliance

Job description

Job Description The Role: The Cybersecurity Analyst will help lead the CMMC compliance efforts to enable pursuit of new GM Defense and other U.S. Government–regulated programs. This role works with cross‑functional teams to execute and assess control implementation, collect and validate audit‑ready evidence, and prepare artifacts for external assessments. The analyst works with the GMD GRC team and leads IT, program management, cloud, and engineering teams to ensure compliance with CMMC, NIST SP 800‑171, DFARS, FAR, and DoD cybersecurity requirements supporting government contracts. The ideal candidate combines strong understanding of security frameworks combined with technical security depth (on-prem + cloud) to manage evidence collection and remediation across multiple internal teams and is capable of obtaining security clearance. What You’ll Do: Drive the overall governance for government programs. Execute annual self-assessments (Continuous Monitoring) on CMMC/NIST controls and document findings. Coordinate internal teams (IAM, cloud, infrastructure, SOC, endpoint, vulnerability management, application owners) to validate control implementation and operational effectiveness. Id...