Posted 2w ago

Compliance Project Manager

@ M3 Technology Consultants
Fairfax, Virginia, United States
$80k-$115k/yr | Onsite | Full Time
Responsibilities: Design compliance, Create audit evidence, Manage POA&Ms
Requirements Summary: Bachelor’s degree in Information Security or related field; preferred certifications: CISA, CISSP, CMMC Certified Professional; strong knowledge of cybersecurity compliance frameworks and Microsoft 365/Intune security controls.
Technical Tools Mentioned: Microsoft 365, Intune, MFA, RBAC, DLP, Device Compliance, PAM, POA&M, Audit Evidence, Policies and SSPs
Job Description

Who are We? 



M3 Technology Consultants is headquartered in Fairfax, VA, and was founded in 2003. We are a rapidly growing, dynamic company that has successfully built an industry reputation by providing unparalleled IT services to businesses across the Washington, D.C., and Denver, Colorado, areas. Our team of highly skilled IT professionals supports small and large businesses across numerous industries, providing comprehensive solutions for line-of-business applications, disaster recovery, physical server/network management, and network maintenance and management.



We foster an entrepreneurial work environment with a strong emphasis on customer service. By empowering great employees, we have created a culture of dedicated, creative, dynamic, hardworking, and fun-loving individuals.



What do we offer YOU? 




  • Very competitive compensation package

  • Annual paid training for continuing education

  • Collaborative team environment

  • Entrepreneurial work environment

  • Career growth with an active mentorship program to help guide your advancement as an IT professional

  • Health, dental, vision, sick and vacation leave, cell phone reimbursement, gym membership, and more

  • 401(k) with a generous employer match



Who are YOU? 



You are a detail-oriented compliance professional with hands-on experience managing cybersecurity and compliance frameworks such as CMMC (Level 1 & 2), NIST 800-171, and SOC 2. You’re comfortable designing and maintaining compliance programs, developing policies and procedures, and building audit-ready documentation that supports both internal teams and client environments.



You bring practical technical knowledge to your compliance work, including supporting access and security controls within Microsoft 365 and Intune environments. You have experience performing risk assessments, identifying compliance gaps, tracking corrective actions through POA&Ms, and validating technical implementations such as RBAC, least privilege, MFA, Conditional Access, and device compliance. You understand how to prepare for audits, respond to assessor requests, and ensure evidence is accurate, organized, and complete.



You work collaboratively to deliver projects on time and within budget, and you’re comfortable coordinating with internal teams, clients, and external vendors to provide effective support services. You communicate clearly, support training and awareness initiatives, and can translate technical and regulatory requirements into actionable guidance, metrics, and reports that drive continuous improvement and strengthen the organization’s overall security posture.



Please note this position is full-time, onsite in our headquarters office in Fairfax, VA, and requires U.S. Citizenship.



 



What does your day/week look like? 




  • Design, implement, and maintain compliance programs aligned with CMMC Level 1 & 2, SOC 2, NIST 800-171, and related frameworks for internal teams and clients

  • Create and update audit-ready documentation, including security policies, SOPs, SSPs, and standardized evidence templates

  • Perform ongoing risk assessments, identify compliance gaps, manage POA&Ms, and track remediation progress

  • Validate and support technical security implementations in Microsoft 365 and Intune, including RBAC, least privilege, and privileged access controls

  • Work closely with internal teams and clients to ensure security configurations and workflows meet compliance requirements

  • Collect, organize, and prepare audit evidence for internal reviews and external third-party assessments

  • Develop and deliver training on CUI handling, cybersecurity best practices, and secure use of Microsoft 365 and mobile devices

  • Provide regular compliance updates, KPIs, and risk summaries to leadership and stakeholders