[Hiring] Associate Compliance Consultant @C3 Integrated Solutions
C3 Integrated Solutions works with U.S. federal and defense contractors, many of whom are small and mid-sized businesses in aerospace and defense, manufacturing, technology, or R&D, to implement security controls and help develop mature cybersecurity and compliance practices.
The Associate Compliance Consultant plays a supportive role in the development and management of a Governance, Risk, and Compliance (GRC) program within client organizations. This role works collaboratively with client stakeholders including business leaders and internal IT, as well as C3’s professional services and managed services teams and third-party service providers.
What You'll Do
• Document & scope: Support mapping data flows for FCI/CUI; assist in defining system scope (people, processes, technology) for assessments.
• Assess & track: Support readiness assessments against NIST SP 800-171/CMMC L1–L2; collect artifacts; log gaps and actions in POA&Ms.
• Author & maintain: Draft and update sections of System Security Plans (SSPs), policies, procedures, and diagrams using C3 templates.
• Evidence management: Organize client evidence in approved repositories; keep versioning and status current.
• Client coordination: Schedule/record working sessions; capture meeting notes, actions, and owners; follow up on actions to keep timelines on track.
• Advisory support: Reach out to team members with questions; escalate risks and blockers promptly.
• Tooling & hygiene: Use project/ticket tools (e.g., Asana/ConnectWise), GRC platforms (e.g., FutureFeed/Hudu), MS 365, and Copilot to keep work visible and auditable.
• Quality & consistency: Apply C3 formatting and naming standards; ensure deliverables are clear, complete, and client-ready.
What You’ll Learn
• How to operationalize CMMC L1–L2 and NIST SP 800-171 in small/midsize defense contractors.
• How to build durable compliance artifacts (SSP, policies, procedures, diagrams, POA&M) that pass audits and assessments.
What You'll Bring
You’re a strong communicator who wants to grow in security consulting. You bring a positive, client-service mindset and love organizing details into clean, reliable deliverables. You have exposure to IT/IS, compliance & risk, or consulting, and you’re comfortable learning frameworks like CMMC, NIST, CIS, and MITRE ATT&CK with guidance from senior consultants.
• 0–3 years in cybersecurity/compliance/IT audit/IT ops or relevant internships/coursework/projects.
• Clear, concise writing and professional client communication skills.
• Strong organization and follow-through; comfortable managing checklists, evidence, and deadlines across multiple clients.
• Working knowledge of core security/compliance concepts (access control, logging, vulnerability management, incident response).
• U.S. work authorization and ability to handle sensitive, client-confidential information.
• Awareness of U.S. export control requirements under ITAR and EAR.
• Occasional (