Newmoyergeospatial
Fractional Cybersecurity Specialist / CMMC Consultant (Part-Time) NGS
Newmoyergeospatial, Mission, Kansas, United States
Fractional Cybersecurity Specialist / CMMC Consultant (Part-Time)
Location:
Remote
Company:
Newmoyer Geospatial Solutions (NGS)
Type:
Contract / Fractional (Part-Time, ~10 hrs/week)
About NGS
NGS builds modern geospatial and C5ISR software for the U.S. Department of Defense and other federal customers. We leverage open-source technology and deep mission expertise to deliver secure, scalable systems that solve real-world problems for warfighters and government agencies. We are a small, focused team with a strong track record of delivering complex solutions under real constraints. Our customers rely on us to cut through the noise, move fast, and deliver results that work.
The Role
We’re hiring a Fractional Cybersecurity Specialist / CMMC Consultant to lead and implement NGS’s cybersecurity and compliance efforts as we prepare for
CMMC Level 2
certification. This is a
hands‑on
execution‑focused role designed for someone who understands the realities of small‑business government contracting and can translate compliance requirements into practical, streamlined processes. You will work closely with NGS leadership to evaluate our current security posture, design and implement required controls, update policies and documentation, oversee tooling and monitoring, and ensure we are fully prepared for third‑party assessment.
NGS has intentionally adopted a
minimal, lightweight CMMC architecture
built around Google Workspace Enterprise, secure Windows endpoints, and controlled cloud infrastructure. This role is ideal for someone who understands how to balance real security needs with operational simplicity and who enjoys helping small teams become assessment‑ready without unnecessary overhead.
Responsibilities CMMC Strategy & Implementation
Lead the implementation of
CMMC Level 2
requirements across all relevant domains (Access Control, Audit & Accountability, Incident Response, System & Information Integrity, etc.).
Assess current security posture, conduct gap analysis, and develop a clear plan to achieve CMMC compliance with minimal disruption to the business.
Advise NGS leadership on control implementation options, tooling, and documentation needed to demonstrate compliance during assessments.
Technical Execution & Tooling
Implement and operationalize required technical controls, including endpoint hardening, audit logging, MFA enforcement, VPN use, and secure configuration baselines.
Support configuration of Google Workspace Enterprise controls (access, data protection, logging, monitoring) as part of the company’s approved CMMC architecture.
Ensure secure configuration of Windows endpoints, security agents, and any supporting cloud systems used for development or operations.
Assist with deployment and configuration of SIEM/logging solutions, vulnerability scanning, and patch management processes.
Policy, Documentation & Evidence Management
Draft, refine, and maintain required policies, procedures, and plans (incident response, access control, configuration management, etc.).
Prepare assessment‑ready documentation, including SSP (System Security Plan), POA&Ms, asset inventories, network diagrams, and control evidence artifacts.
Train staff on security practices, procedures, and their responsibilities as part of CMMC readiness.
Assessment Preparation & Support
Prepare NGS for third‑party assessment by running internal readiness reviews, collecting evidence, and validating that all required controls are properly implemented.
Support the company during assessments, responding to assessor questions and providing required documentation.
Advise leadership on maintaining compliance post‑assessment and establishing recurring review cycles.
Ideal Experience
Has
7+ years of cybersecurity experience , with hands‑on expertise implementing security controls in small or medium‑sized organizations.
Deep understanding of
CMMC Level 2, NIST SP 800-171, and 800-171A
– able to explain, implement, and validate controls.
Experience securing environments aligned with NGS’s architecture:
Google Workspace Enterprise ,
Windows 11
endpoints, VPN‑based remote access, and cloud‑hosted development environments.
Strong technical skills in endpoint security, identity and access management, vulnerability management, logging/monitoring, encryption, and security configuration baselines.
Experience writing and maintaining cybersecurity policies, procedures, and system security documentation, particularly SSPs and POA&Ms.
Background supporting
DoD or other federal government contractors
– especially small businesses undergoing CMMC or NIST 800-171 compliance.
Comfortable working independently in a part‑time role and capable of delivering high‑quality results with limited oversight.
U.S. citizenship is required.
Ability to obtain a
Secret clearance
is preferred.
What You Get
Flexible part‑time schedule:
Approx. 10 hours per week, remote, with autonomy to manage your deliverables.
High‑impact work:
You will directly shape NGS’s readiness for CMMC Level 2 and help build a strong, efficient security foundation for future growth.
Hands‑on execution:
This role is not advisory‑only—your work will directly implement controls, configure systems, and produce assessment‑ready documentation.
Collaboration with leadership:
Work closely with the CEO and CTO on security strategy and operational decisions.
Mission focus:
Support a team building modern geospatial and C5ISR tools for defense missions, ensuring our systems meet the highest security standards.
Apply Now To apply, please use the form on our careers page. Include:
Your resume
A brief note describing your cybersecurity experience and CMMC/NIST 800-171 expertise
#J-18808-Ljbffr
Remote
Company:
Newmoyer Geospatial Solutions (NGS)
Type:
Contract / Fractional (Part-Time, ~10 hrs/week)
About NGS
NGS builds modern geospatial and C5ISR software for the U.S. Department of Defense and other federal customers. We leverage open-source technology and deep mission expertise to deliver secure, scalable systems that solve real-world problems for warfighters and government agencies. We are a small, focused team with a strong track record of delivering complex solutions under real constraints. Our customers rely on us to cut through the noise, move fast, and deliver results that work.
The Role
We’re hiring a Fractional Cybersecurity Specialist / CMMC Consultant to lead and implement NGS’s cybersecurity and compliance efforts as we prepare for
CMMC Level 2
certification. This is a
hands‑on
execution‑focused role designed for someone who understands the realities of small‑business government contracting and can translate compliance requirements into practical, streamlined processes. You will work closely with NGS leadership to evaluate our current security posture, design and implement required controls, update policies and documentation, oversee tooling and monitoring, and ensure we are fully prepared for third‑party assessment.
NGS has intentionally adopted a
minimal, lightweight CMMC architecture
built around Google Workspace Enterprise, secure Windows endpoints, and controlled cloud infrastructure. This role is ideal for someone who understands how to balance real security needs with operational simplicity and who enjoys helping small teams become assessment‑ready without unnecessary overhead.
Responsibilities CMMC Strategy & Implementation
Lead the implementation of
CMMC Level 2
requirements across all relevant domains (Access Control, Audit & Accountability, Incident Response, System & Information Integrity, etc.).
Assess current security posture, conduct gap analysis, and develop a clear plan to achieve CMMC compliance with minimal disruption to the business.
Advise NGS leadership on control implementation options, tooling, and documentation needed to demonstrate compliance during assessments.
Technical Execution & Tooling
Implement and operationalize required technical controls, including endpoint hardening, audit logging, MFA enforcement, VPN use, and secure configuration baselines.
Support configuration of Google Workspace Enterprise controls (access, data protection, logging, monitoring) as part of the company’s approved CMMC architecture.
Ensure secure configuration of Windows endpoints, security agents, and any supporting cloud systems used for development or operations.
Assist with deployment and configuration of SIEM/logging solutions, vulnerability scanning, and patch management processes.
Policy, Documentation & Evidence Management
Draft, refine, and maintain required policies, procedures, and plans (incident response, access control, configuration management, etc.).
Prepare assessment‑ready documentation, including SSP (System Security Plan), POA&Ms, asset inventories, network diagrams, and control evidence artifacts.
Train staff on security practices, procedures, and their responsibilities as part of CMMC readiness.
Assessment Preparation & Support
Prepare NGS for third‑party assessment by running internal readiness reviews, collecting evidence, and validating that all required controls are properly implemented.
Support the company during assessments, responding to assessor questions and providing required documentation.
Advise leadership on maintaining compliance post‑assessment and establishing recurring review cycles.
Ideal Experience
Has
7+ years of cybersecurity experience , with hands‑on expertise implementing security controls in small or medium‑sized organizations.
Deep understanding of
CMMC Level 2, NIST SP 800-171, and 800-171A
– able to explain, implement, and validate controls.
Experience securing environments aligned with NGS’s architecture:
Google Workspace Enterprise ,
Windows 11
endpoints, VPN‑based remote access, and cloud‑hosted development environments.
Strong technical skills in endpoint security, identity and access management, vulnerability management, logging/monitoring, encryption, and security configuration baselines.
Experience writing and maintaining cybersecurity policies, procedures, and system security documentation, particularly SSPs and POA&Ms.
Background supporting
DoD or other federal government contractors
– especially small businesses undergoing CMMC or NIST 800-171 compliance.
Comfortable working independently in a part‑time role and capable of delivering high‑quality results with limited oversight.
U.S. citizenship is required.
Ability to obtain a
Secret clearance
is preferred.
What You Get
Flexible part‑time schedule:
Approx. 10 hours per week, remote, with autonomy to manage your deliverables.
High‑impact work:
You will directly shape NGS’s readiness for CMMC Level 2 and help build a strong, efficient security foundation for future growth.
Hands‑on execution:
This role is not advisory‑only—your work will directly implement controls, configure systems, and produce assessment‑ready documentation.
Collaboration with leadership:
Work closely with the CEO and CTO on security strategy and operational decisions.
Mission focus:
Support a team building modern geospatial and C5ISR tools for defense missions, ensuring our systems meet the highest security standards.
Apply Now To apply, please use the form on our careers page. Include:
Your resume
A brief note describing your cybersecurity experience and CMMC/NIST 800-171 expertise
#J-18808-Ljbffr