We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
New

Compliance Project Manager Consultant (1099 Contractor)

SANS Institute
$125.00 - $150.00 / hr
remote work
Jul 07, 2026

About SANS

Founded in 1989, SANS Institute (SANS) began as a cooperative research and education organization. Over the next 25 years, it grew to become the most trusted and widely recognized provider of information security training and certification in the world. Today, SANS has served more than 300,000 cybersecurity professionals around the world, with more than 60,000 earning Global Information Assurance Certification (GIAC) security certifications-the leading certification that provides assurance to employers that their people and prospective hires can do the job.

At the heart of SANS is a community of practitioners, from auditors and network administrators to CISOs, who share their lessons learned and collaborate on solutions to the challenges they face. These experts, working across corporations, government agencies, and universities, come together to support and strengthen the global information security community.

Contract Opportunity

SANS is seeking a Compliance Project Manager Consultant to support our Technology team through a contract engagement. This role will focus on providing project management services for the organization's CMMC Level 2 compliance initiative. This engagement encompasses both the technical transition to a compliant cloud infrastructure and the broader transformation of business processes required to achieve and sustain CMMC certification.

An initial scoping and gap assessment have already been completed. This engagement begins with validating and refining the Controlled Unclassified Information (CUI) boundary to reduce the remediation scope, followed by coordinating the organization's compliance activities through successful completion of a third-party CMMC assessment.

The consultant will serve as the primary project management resource for the engagement, coordinating activities across designated stakeholders, tracking progress against agreed-upon milestones, identifying project risks, and providing executive-level reporting throughout the engagement. Internal technical teams will remain responsible for implementing technical controls and operational changes.

This is a high-visibility contract engagement requiring an experienced consultant who can effectively coordinate a fully remote workforce, facilitate targeted cloud infrastructure initiatives, and guide cross-functional teams through the project activities necessary to establish and document a CMMC-compliant operating environment.

Estimated Engagement Duration: 18 months, subject to project needs and mutual agreement of the parties.

Scope of Work

The services to be provided under this engagement include:



  • Validate and refine the existing CUI boundary to reduce remediation scope and confirm assessment readiness.
  • Coordinate activities across IT Security, IT Operations, IT Engineering, and business stakeholders to support implementation of required CMMC practices and controls.
  • Track compliance initiatives, dependencies, corrective action plans, and project deliverables through completion.
  • Coordinate policy, process, and documentation updates required to support compliance and assessment readiness.
  • Identify project risks, develop mitigation strategies, escalate issues as appropriate, and recommend corrective actions to maintain project objectives.
  • Deliver project closeout documentation, transition materials, and final reporting upon completion of the engagement.
  • Provide regular executive updates regarding project status, risks, budget, schedule, and overall assessment readiness.
  • Coordinate cloud infrastructure and system migration activities necessary to support CMMC compliance, working collaboratively with internal engineering and operations teams.
  • Facilitate cross-functional meetings, document action items, and maintain accountability for project milestones and agreed-upon deliverables.
  • Partner with the Internal Audit & Compliance team to coordinate assessments, evidence collection, documentation, and remediation activities.
  • Develop, maintain, and manage the integrated project plan, project schedule, milestones, dependencies, risk register, and executive status reporting.
  • Collaborate with stakeholders to ensure project objectives and deliverables are met.
  • Communicate progress, risks, and recommendations as needed.
  • Perform related project work and deliverables within the scope of the engagement, as mutually agreed upon.



Required Experience

Successful candidates will demonstrate:



  • Demonstrated experience managing cybersecurity, compliance, governance, or risk-focused IT projects.
  • Experience coordinating technical teams across security, infrastructure, cloud, engineering, and operations functions.
  • Demonstrated understanding of AWS and enterprise system architectures, with the ability to engage credibly with technical stakeholders regarding system dependencies, data flows, and compliance boundary considerations.
  • Ability to quickly assess existing compliance artifacts and develop an actionable project plan with minimal onboarding.
  • Strong project management, organizational, communication, facilitation, and stakeholder management skills in remote work environments.
  • Strong organizational, communication, and problem-solving skills.
  • Ability to work independently and manage priorities in a remote environment.
  • Demonstrated ability to deliver high-quality work within established timelines.


Preferred Experience



  • Working knowledge of CMMC, NIST SP 800-171, or comparable cybersecurity compliance frameworks, including the ability to engage with control requirements and System Security Plan (SSP)/implementation documentation.
  • Experience leading or coordinating a CMMC Level 2 compliance initiative through third-party assessment and certification.
  • Experience performing CUI boundary validation and remediation planning within an active compliance program.
  • Familiarity with AWS cloud infrastructure in regulated or compliance-driven environments.
  • PMP, CSM, CISSP, CISA, CRISC, or similar professional certifications.



Contractor Information

This opportunity is structured as a 1099 independent contractor engagement and is not a W-2 employment position.

Contractors are responsible for their own taxes, insurance, equipment, business expenses, and any other obligations associated with operating as an independent contractor.

Approved business travel required for the engagement may be reimbursed in accordance with SANS travel and expense guidelines and must be approved in advance by a designated SANS representative.

Candidates must be legally authorized to provide services in the United States.

SANS evaluates contractors based on relevant experience, demonstrated expertise, and their ability to successfully deliver the work outlined in the scope of the engagement.


Applied = 0

(web-77cf7d65c7-rcc7h)