What are the responsibilities and job description for the Systems Analyst / Security Compliance Auditor position at Axiom Consultants?
***Remote opportunity with occasional on-site meetings at NOAA/NMFS offices in Silver Spring, MD.
Position Overview
We are seeking a Junior Systems Analyst / Security Compliance Auditor to support ongoing cybersecurity and compliance initiatives for a federal IT environment. This role will focus on ensuring that IT systems, applications, and infrastructure maintain continuous compliance with federal cybersecurity mandates, agency-specific policies, and internal security standards.
The ideal candidate will assist in maintaining a mature and effective security compliance program by supporting audits, conducting security assessments, reviewing policies, and providing recommendations to strengthen the organization's overall cybersecurity posture.
Key Responsibilities
Security Compliance & Audit Support
- Assist in developing and executing a comprehensive IT security audit program designed to evaluate compliance across systems, applications, and infrastructure.
- Perform technical security assessments, configuration compliance reviews, and vulnerability assessments in accordance with federal security requirements.
- Support continuous monitoring efforts to ensure systems remain compliant with applicable cybersecurity regulations and security baselines.
Policy Review & Process Improvement
- Review existing IT security policies, procedures, and documentation to evaluate effectiveness and identify areas for improvement.
- Provide recommendations to strengthen internal security controls and ensure alignment with federal regulations, agency requirements, and industry best practices.
- Assist in maintaining and updating compliance documentation, security procedures, and audit artifacts.
Reporting & Risk Management
- Document audit findings and security assessment results in detailed reports for management review.
- Identify security vulnerabilities, compliance gaps, and potential risks, while providing actionable remediation recommendations.
- Support tracking and follow-up of remediation activities to ensure timely resolution of identified issues.
Cybersecurity Compliance Support
- Provide support in interpreting and applying federal cybersecurity compliance frameworks and standards.
- Assist with compliance activities related to:
  - Federal Information Security Modernization Act (FISMA)
  - NIST Risk Management Framework (RMF)
  - Privacy Act compliance requirements
  - Agency-specific cybersecurity and privacy policies
- Collaborate with internal teams to ensure security controls are implemented and maintained in accordance with federal standards.
Required Qualifications
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Information Systems, or a related field (or equivalent professional experience).
- 1–3 years of experience supporting IT systems administration, cybersecurity, security compliance, or audit activities.
- Basic understanding of federal cybersecurity frameworks including NIST RMF, FISMA, and security compliance standards.
- Experience with JCAM, an application designed to help federal agencies streamline compliance, security, and authorization processes, is preferred.
- Experience performing vulnerability assessments, system security reviews, or compliance audits.
- Ability to analyze technical security findings and communicate recommendations clearly.
- Strong written communication skills with experience preparing technical reports and documentation in Word or PowerPoint format.
- Ability to work independently while collaborating effectively within a team environment.