TSC

Cybersecurity Audit & Compliance Analyst

TSC

full-time

Posted on:

Location Type: Hybrid

Location: ArlingtonAlabamaVirginiaUnited States

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Cyber Security

About the role

  • Help formalize
  • implement
  • and maintain enterprise-level cybersecurity and data handling policies.
  • Lead the review and socialization of security mandates to ensure cross-functional alignment with federal standards.
  • Develop and maintain the System Security Plan (SSP)
  • Security Assessment Reports (SAR)
  • and associated artifacts to provide a rigorous
  • defensible account of the security control environment.
  • Support the execution of formal gap analyses and risk assessments across federal regulatory frameworks.
  • Provide data-driven insights to mitigate vulnerabilities.
  • Serve as a technical contributor for external federal audits and third-party assessments.
  • Manage the end-to-end evidence lifecycle
  • ensuring all technical artifacts are verified
  • organized
  • and available for regulatory review.
  • Serve as a functional representative within the Incident Response (IR) team to document event timelines and post-incident reporting
  • ensuring all federal reporting obligations are met.
  • Oversee management of audit artifacts to ensure they meet requirements and are readily accessible on demand.
  • Design and deliver technical cybersecurity training programs
  • ensuring that the technical workforce understands their specific roles in maintaining our security authorizations.
  • Support the cybersecurity team in the administration of security tools
  • including Microsoft 365 Security and Purview
  • to monitor data sensitivity
  • review audit telemetry
  • and validate that technical configurations consistently mirror established policy.

Requirements

  • Bachelor’s degree in Cybersecurity
  • Information Systems
  • or a related field plus 2-4 years of experience in GRC
  • Information Assurance
  • or Technical Compliance within a federal-regulated environment.
  • US Citizenship with the ability to obtain and maintain a US security clearance.
  • Demonstrated experience in authoring formal cybersecurity policies
  • procedural documentation
  • and System Security Plan (SSP).
  • Hands-on experience navigating security portals to pull telemetry and verify control status.
  • Deep understanding of federal data protection standards and regulatory frameworks.
  • Experience supporting the implementation or administration of advanced security tools such as Microsoft Defender for Endpoint (Plan 2) or Microsoft Sentinel.
  • Relevant industry certifications such as Security+
  • CySA+
  • Microsoft SC-200
  • CISA
  • CCP
  • CCA
  • or CISSP.
  • Familiarity with the NIST AI Risk Management Framework or general interest in the security governance of Generative AI.
Benefits
  • TSC offers a stable work environment
  • a competitive salary
  • a comprehensive benefit package; including ESOP participation
  • 401K Plan
  • Flexible Work Schedules
  • Tuition Reimbursement
  • Co-Sponsored Health Plan
  • Paid Leave
  • and much more.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cybersecurity policiesSystem Security Plan (SSP)Security Assessment Reports (SAR)gap analysesrisk assessmentsdata sensitivity monitoringaudit telemetry reviewtechnical configurationssecurity complianceincident response documentation
Soft Skills
cross-functional alignmentdata-driven insightstechnical contributionorganizational skillstraining program deliverycommunication skillscollaborationproblem-solvingattention to detailleadership
Certifications
Security+CySA+Microsoft SC-200CISACCPCCACISSP