CMMC Compliance Engineer

About CyberSheath

CyberSheath Services International LLC is a rapidly growing Managed Services Provider specializing in CMMC Compliance and Cybersecurity services for the Defense Industrial Base (DIB). We're expanding our team due to strong growth and seeking talented professionals to join our mission of integrating compliance and threat mitigation efforts while eliminating redundant security practices.

Our approach focuses on advising clients where to stop spending, where to invest strategically, and how to integrate existing security measures to deliver improved security posture. We seek self-motivated, independent problem-solvers who think creatively, get results, and prioritize doing the right thing—even when no one is watching.

The Role: CMMC Compliance Engineer

As a CMMC Compliance Engineer, you'll design, implement, and maintain data protection controls that safeguard Controlled Unclassified Information (CUI) across Microsoft 365 and Azure environments. You'll ensure alignment with CMMC Level 2 and NIST 800-171 requirements while supporting our clients' compliance journeys.

Key Responsibilities

• Design, deploy, and manage Microsoft Purview Data Loss Prevention (DLP) policies across Exchange Online, SharePoint Online, OneDrive, Teams, and endpoint workloads
• Implement and maintain Microsoft Purview sensitivity labels, including taxonomy, protection settings, encryption, and user experience alignment
• Configure and enforce auto-labeling and trainable classifiers to identify and protect CUI, export-controlled data, and other regulated information types
• Integrate DLP and labeling controls with Conditional Access, endpoint controls, and Defender workloads to support defense-in-depth security strategies
• Tune DLP policies to balance compliance enforcement with business usability, minimizing false positives while maintaining audit integrity
• Support audit readiness and evidence collection, including documentation of DLP configurations, labeling schemas, policy enforcement, and control mappings to NIST 800-171 and CMMC practices
• Collaborate with compliance, security operations, and engineering teams to remediate data handling gaps identified through assessments, audits, or incident response activities

Required Experience

• Hands-on experience implementing Microsoft Purview DLP in regulated or compliance-driven environments
• Practical experience with sensitivity labels, auto-labeling, and trainable classifiers in Microsoft 365
• Working knowledge of NIST 800-171 requirements and CMMC framework practices
• Understanding of CUI handling requirements and export control principles
• Experience with Microsoft Conditional Access, Defender for Cloud Apps, or similar security controls
• Familiarity with audit and compliance documentation processes
• Strong communication skills for working across technical and non-technical teams

What We're Looking For

Successful candidates are self-starters willing to wear multiple hats in a fast-growing environment. You'll thrive in our culture by demonstrating initiative, independent problem-solving, and a commitment to excellence. We seek team members eager to be part of our upward trajectory and capable of adapting in a dynamic, rapidly evolving cybersecurity landscape.

💰 Compensation not publicly listed. Market estimate for similar roles: from $80K, varying by experience and location.