Cyber Compliance Officer - DoD TS clearance required Security Clearance

Position: Cyber Compliance Officer - DoD TS clearance required with Security Clearance
This position requires an ACTIVE DoD security clearance. Applicants who do not currently hold an active clearance will not be considered.

About Us:

PMAT is an innovative small business founded with a passion for developing forward-leaning solutions from exceptional people that increase the mission's capability. We focus on designing and building impactful digital solutions that utilize modern cloud, data, and software concepts. Our passion is working on complex and progressive challenges such as edge platform computing, containerizing legacy platforms, distributed data platforms, or heterogeneous data analysis.

We recruit, retain, and foster a team motivated to pursue passions, investigate new ways of doing things, and embody an innovative and entrepreneurial spirit. We believe in being curious about every element of a problem and experiment relentlessly. We foster continuous learning in an environment that encourages positive collaboration and expands our capabilities. We tap into collective intelligence, acknowledging that the most brilliant people may not be in the room.

Above all else, we believe that delivering and demonstrating is more potent than a sheet of paper. We are passionate about mission-centric design and delivering effective capabilities to and for the warfighter. Whether you're an experienced engineer or just beginning your career, you'll work alongside experts who are committed to solving mission-critical problems. If you're passionate about using your skills to make a real difference, apply today and become part of a team that's shaping the future of defense technology!

In this role, you'll lead and mature PMAT's internal cybersecurity program, working alongside engineering, IT, and executive leadership to shape a strong, modern security posture. You'll protect corporate systems, manage enterprise risk, and help teams move fast and responsibly, enabling growth, innovation, and compliance without sacrificing agility.

About the role:

The Cyber Compliance Officer is responsible for establishing , implementing, and maintaining the cybersecurity program for assigned information systems. You will ensure compliance with DoD, DON, and NIST requirements, manage risk, and serve as the senior cybersecurity authority responsible for corporate compliance oversight and project-level cybersecurity compliance as required . Responsibilities:
Governance & Compliance
* Lead the Risk Management Framework (RMF) lifecycle for assigned systems.
* Maintain the System Security Plan (SSP) and all RMF artifacts.
* Ensure continuous monitoring, POA&M management, and annual reviews.
* Coordinate with AO, SCA, ISSO, and system owners.
* Lead corporate cybersecurity compliance initiatives, including CMMC (32 CFR P art 170) , NIST SP 800-171, FISMA, CSIP, and related regulatory frameworks.
* Support project-level compliance activities as needed, including RMF documentation and validation efforts.
* Manage IATO/ATO and IATT/ATT processes and documentation.
* Conduct internal auditing and readiness assessments to ensure compliance posture.
* Ensure timely documentation updates across all security artifacts and compliance records. Cybersecurity Program Leadership
* Develop and enforce cybersecurity policies and procedures.
* Oversee ISSOs and ensure proper execution of security tasks.
* Manage cybersecurity workforce qualifications (DoD 8140/8570).
* Conduct internal audits and readiness assessments.
* Lead incident response planning and ensure preparedness across corporate and project environments. Technical Oversight
* Validate system configurations against STIGs and security baselines.
* Ensure vulnerability scanning, patching, and remediation.
* Oversee secure system design, integration, and change management.
* Approve or deny system changes from a cybersecurity perspective. Risk Management
* Identify , document, and communicate cybersecurity risks.
* Recommend mitigations and risk acceptance strategies.
* Prepare risk briefings for leadership and the Authorizing Official. Incident Response & Reporting
* Coordinate with the Cybersecurity Service Provider (CSSP).
* Ensure proper detection, reporting,…