CYBER SECURITY AUDIT AND COMPLIANCE SPECIALIST

Ignite is an ISO 9001:2015 and CMMI Services Level 3 and Development Level 2 certified, Service-Disabled Veteran-Owned Small Business (SDVOSB), headquartered in Huntsville, AL. By design, Ignite is a provider of professional services to customers in educational, federal, and commercial industries and in every action seeks to be the preeminent provider within this business space.

Location: U.S. Coast Guard Aviation Logistics Center (ALC) – Information Systems Division (ISD)
Clearance Requirement: SECRET

Position Overview:

The Cyber Security Audit and Compliance Specialist (SME) serves as a technical authority responsible for evaluating, implementing, and maintaining cybersecurity controls, policy compliance, and Risk Management Framework (RMF) processes. This role provides leadership in audit readiness, vulnerability management, cybersecurity documentation, and control implementation aligned with NIST standards. The specialist will engage with internal and external security stakeholders to ensure the continuous security and compliance of enterprise systems.

Key Responsibilities:

• Conduct comprehensive evaluations of existing security tools, policies, and vulnerability management procedures to ensure compliance with federal regulations and industry best practices.

• Assist the Security Controls Auditor in validating security controls, performing risk assessments, and supporting RMF accreditation processes.

• Develop and maintain cybersecurity policies, standard operating procedures, and documentation aligned with NIST SP 800-series and other federal security requirements.

• Lead planning and scheduling of cybersecurity initiatives and projects, monitor progress, and report findings to stakeholders.

• Analyze system vulnerabilities, develop POA&Ms (Plans of Action and Milestones), and oversee remediation activities.

• Collaborate with customers, technical teams, and external security organizations to implement security measures and maintain audit readiness.

• Provide technical guidance, training, and support on cybersecurity best practices, compliance requirements, and documentation.

• Evaluate, test, monitor, and update security policies, controls, and system security configurations across hardware, firmware, and software components.

• Identify cybersecurity incidents or violations, determine root causes, and establish mitigation procedures to prevent recurrence.

This position is pending contract award.

Minimum Education and Qualifications:

• Bachelor’s or associate degree in Computer Science, Information Technology, Engineering, Math, or a related field, or a minimum IT Certification.
  (Six years of relevant experience may be substituted for three years of education.)

  
  

Required Experience and Skills:

• Six (6) years of experience in cybersecurity, including cyber program support or compliance assurance.

• Six (6) years of experience with Security Information and Event Management (SIEM) systems.

• Six (6) years of hands-on experience working within the Risk Management Framework (RMF).

• Basic technical knowledge in Active Directory, UNIX, Windows, and relational database systems.

• Deep understanding of NIST special publications (e.g., SP 800-53, SP 800-37) and federal accreditation and authorization processes.

• Demonstrated ability to evaluate complex security controls, communicate effectively, and support mission assurance objectives.

• SECRET clearance required.