ZipRecruiter

Log In

1

Nist Compliance Jobs in Nevada (NOW HIRING)

Nelnet

Security Advisor

Carson City, NV · Remote

The Security Advisor provides information security and privacy consulting and compliance services using accepted standards, frameworks, and best practices including but not limited to NIST SPs 800-53 ...

Fusion HCR

Security & Infrastructure Manager

Las Vegas, NV · Remote

$137.40K/yr

Ensure the company's cybersecurity posture meets compliance standards, particularly SOX IT General Controls and NIST CSF 2.0. Document controls and maintain audit readiness. * Respond to ...

New

Stride, Inc.

IT Internal Audit Senior

Carson City, NV · On-site

$92.10K - $121K/yr

This role may support operational, financial, compliance, and non-information systems-related audit ... Working knowledge of IT control frameworks including COBIT, COSO, NIST, and ISO 27001.

next page

Showing results 1-20

People also search for

All JobsNist Compliance JobsNist Compliance Jobs in Nevada

Nist Compliance information

What is the difference between Nist Compliance vs Cybersecurity Analyst?

AspectNist ComplianceCybersecurity Analyst
CertificationsISO 27001, CISSP, CISACISSP, CEH, Security+
Work EnvironmentPolicy development, audits, compliance documentationMonitoring, threat analysis, incident response
Industry UsageOrganizations implementing security frameworksSecurity teams, IT departments

While Nist Compliance focuses on aligning organizations with NIST cybersecurity standards and frameworks, a Cybersecurity Analyst actively monitors and responds to security threats. Both roles require security certifications, but Nist Compliance emphasizes policy and standards adherence, whereas Cybersecurity Analysts focus on operational security and incident management.

What are popular job titles related to Nist Compliance jobs in Nevada? For Nist Compliance jobs in Nevada, the most frequently searched job titles are:
What job categories do people searching Nist Compliance jobs in Nevada look for? The top searched job categories for Nist Compliance jobs in Nevada are:
Nist Compliance jobs near you
Infographic showing various Nist Compliance job openings in Nevada as of May 2026, with employment types broken down into 3% As Needed, 44% Full Time, 41% Part Time, and 12% Contract. Highlights an 94% Physical, 2% Hybrid, and 4% Remote job distribution.
CMMC GRC Consultant (Hybrid)

CMMC GRC Consultant (Hybrid)

Intelligent Technical Solutions

Las Vegas, NV • Hybrid

$95K - $145K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 14 days ago

Job description

Job Description
We are seeking a CMMC GRC Consultant to lead the compliance advisory side of our CMMC practice and serve as the primary point of contact for clients throughout their engagement. In this role, you will own the client relationship from initial scoping through preparation for C3PAO assessments, guiding organizations through the full compliance lifecycle with clarity and structure. You will conduct detailed gap assessments across all 110 NIST SP 800-171 controls and their 320 objectives, develop and maintain System Security Plans and Plans of Action and Milestones, and oversee evidence collection to ensure audit readiness for CMMC Level 2 assessments. This position is focused on governance, risk, and compliance rather than technical implementation, requiring you to translate assessment findings into clearly defined and actionable remediation tasks that Security Engineers can execute using established SOPs and runbooks. The ideal candidate brings strong experience with CMMC or NIST SP 800-171, is confident managing client relationships, and has the ability to simplify complex compliance requirements into practical, outcome-driven guidance.
Job Responsibilities:
  • Lead initial client scoping engagements: identify people, processes, and assets that interact with CUI and FCI. Build RACI accountability matrices and data flow diagrams.
  • Determine enclave architecture recommendations (GCC, GCC High, hybrid, on-prem, full environment) in collaboration with Security Engineers based on where CUI/FCI resides in the client environment.
  • Conduct comprehensive gap assessments against all 320 objectives across 110 controls of NIST SP 800-171 Rev 2. Score each objective as Met, Not Met, or Partially Met. Calculate and submit SPRS scores.
  • Create detailed Plans of Action and Milestones (POA&Ms) from gap assessment findings. Prioritize remediation tasks and define milestones, resource requirements, and completion dates.
  • Translate gap assessment findings into specific, actionable remediation tasks mapped to Azure/M365 components using the team’s Control-Task Tracker. Each task must include enough detail that a Security Engineer can execute without further interpretation.
  • Develop and maintain System Security Plans (SSPs) documenting all 110 controls, implementation status, system boundaries, data flows, and organizational policies.
  • Create and maintain the full CMMC compliance policy library: access control policy, incident response plan, configuration management policy, audit policy, media protection policy, and all other required policy and procedure documents.
  • Manage the evidence collection process. Define what evidence is needed per control, coordinate with Security Engineers to capture technical evidence, and organize the evidence repository.
  • Conduct internal readiness reviews and mock assessments prior to C3PAO engagement. Identify remaining gaps and drive remediation to closure.
  • Support clients during C3PAO Level 2 assessments: answer assessor questions, locate evidence, provide clarifications, and coordinate responses to findings.
  • Manage 4-7 concurrent client engagements at various stages of the CMMC lifecycle.
  • Train client staff on security policies, acceptable use, CUI handling procedures, and incident reporting obligations.

Job Qualifications:
  • 3+ years of experience in cybersecurity compliance, GRC, or IT audit roles.
  • Direct experience with NIST SP 800-171 and/or the CMMC framework. Must be able to discuss the 14 control families and their requirements without relying on reference materials.
  • Experience writing System Security Plans (SSPs), POA&Ms, and compliance documentation for federal contractors or defense industrial base (DIB) organizations.
  • Experience conducting gap assessments or security assessments against a recognized framework (NIST 800-171, NIST 800-53, FedRAMP, ISO 27001, or similar).
  • Working knowledge of Microsoft 365 and Azure at a conceptual level. Does not need to configure Sentinel or Conditional Access, but must understand what these tools do and which CMMC controls they satisfy.

Preferred Experience:
  • Experience supporting C3PAO assessments (either as the assessed organization or as a consultant).
  • Familiarity with DFARS 7012, ITAR, and EAR requirements and how they affect CUI scope.
  • Experience with GRC platforms (e.g., RegScale, CORA, Totem, PreVeil, or similar).
  • Prior MSP or consulting experience managing multiple concurrent clients.
  • Experience with Microsoft Compliance Manager and Purview for compliance tracking and evidence.

Required Certification:
(at least one; additional required within timeline):
  • CMMC Certified Professional (CCP) - Required. Must hold at hire or obtain within 6 months.
  • CMMC Certified Assessor (CCA) - Strongly preferred at hire. Required within 12 months of hire.
  • CMMC Registered Practitioner (RP) - Accepted as starting credential if pursuing CCP/CCA on defined timeline.

Preferred Certifications:
(any combination adds value):
  • CompTIA Security+ (SY0-701).
  • Certified Information Systems Security Professional (CISSP).
  • Certified Information Security Manager (CISM).
  • Certified Information Systems Auditor (CISA).
  • NIST Risk Management Framework (RMF) training or certification.
  • CompTIA CySA+.

Skills & Competencies:
  • Exceptional technical writing: SSPs, policies, and compliance documents must be clear, thorough, and assessment-ready.
  • Strong client communication: ability to explain complex compliance requirements to non-technical business owners and executives in plain language.
  • Task decomposition: ability to take a high-level control gap (e.g., "AC.L2-3.1.3 Not Met") and break it into 5-10 specific, actionable remediation tasks with enough detail for a technician to execute.
  • Project management: manage multiple clients, track deadlines, escalate blockers, and maintain visibility across all active engagements.
  • Attention to detail: CMMC assessments are evidence-based. Missing or incomplete evidence can fail a control regardless of implementation quality.
  • Ability to work independently while coordinating with Security Engineers, client stakeholders, and firm leadership.

Compensation:
Pay rate ranges from $95,000.00/annum up to $145,000.00/annum and may vary by experience and location.
Benefits:
  • Medical Insurance Plan.
  • Dental & Vision.
  • Life Insurance.
  • Disability Coverage.
  • Paid Time Off (starts at 15 days per year).
  • Maternity/Paternity Leave.
  • Paid US Holiday.
  • Retirement Plan.
  • Salary Advancement/Loan.
  • Health & Wellness Program.
  • Company-paid training and certification.
  • Supplemental Life Insurance (Employee-paid).
  • Supplemental Health Plans (Employee-paid).