Compliance Monitoring & Reporting Analyst

3 Reasons Consulting•Charleston, SC

2d•Hybrid

About The Position

3 Reasons Consulting, LLC (3RC) is seeking a qualified CyOC Enterprise Compliance Monitoring & Reporting (ECMR) Analyst to provide onsite technical and compliance support at the Naval Information Warfare Center (NIWC) Atlantic in Charleston, SC. This full-time position supports the Defensive Cyberspace Operations (DCO) Integrated Product Team (IPT), which is responsible for protecting Defense Health Agency (DHA) subscriber networks from unauthorized activity, vulnerabilities, and threats. The ECMR Analyst will coordinate and ensure compliance with cybersecurity directives, manage reporting programs, and support vulnerability management and monitoring efforts while collaborating with internal and external teams in both onsite and remote environments. Services to be performed include, but are not limited to: Coordinate and track compliance with directives and issuances from JFHQ-DODIN and DHA. Support Information Assurance and Vulnerability Management (IAVM), Vulnerability Disclosure Program (VDP), and POA&M coordination. Consolidate data and ensure compliance with DoD Cyber Scorecard and internal DCO directives. Manage asset tags in the Cyber Operational Attribute Management System (COAMS). Administer DHA’s Continuous Monitoring and Risk Scoring (CMRS) reporting program. Monitor tools and interfaces for compliance and operational insights (e.g., Splunk, Trellix ePO). Provide customer support and manage system access requests. Maintain and update standard operating procedures (SOPs). Provide documentation and status updates to leadership and support remote collaboration. Manage and prioritize tasks to meet short suspense deadlines and project timelines. Participate in project management activities, including tracking deliverables and documenting progress. Support additional DCO-related taskings as assigned.

Requirements

Bachelor’s degree in a relevant technical field or a minimum of three years of equivalent work experience.
DoD 8570 IAM Level I certification (Required).
Demonstrated ability to analyze and address deficiencies impacting mission effectiveness.
Experience in process or project management, cybersecurity compliance, and technical documentation.
Familiarity with enterprise IT environments, including IP management, networking fundamentals, host-based security tools (e.g., Trellix, MDE), and commercial cloud services.
Experience with monitoring and collaboration tools such as Splunk, ACAS, Armis, Xpanse, Microsoft Teams, Confluence, and SharePoint.
Proficiency with MS Excel, Word, Visio, Adobe Acrobat, and OneDrive.
Strong written and verbal communication skills, including the ability to explain technical concepts to varied audiences.
High attention to detail and strong logical reasoning.
Ability to work independently or with minimal supervision in a team environment.
Active Secret Security Clearance (Required)

Nice To Haves

Project management experience is a plus.

Responsibilities

Coordinate and track compliance with directives and issuances from JFHQ-DODIN and DHA.
Support Information Assurance and Vulnerability Management (IAVM), Vulnerability Disclosure Program (VDP), and POA&M coordination.
Consolidate data and ensure compliance with DoD Cyber Scorecard and internal DCO directives.
Manage asset tags in the Cyber Operational Attribute Management System (COAMS).
Administer DHA’s Continuous Monitoring and Risk Scoring (CMRS) reporting program.
Monitor tools and interfaces for compliance and operational insights (e.g., Splunk, Trellix ePO).
Provide customer support and manage system access requests.
Maintain and update standard operating procedures (SOPs).
Provide documentation and status updates to leadership and support remote collaboration.
Manage and prioritize tasks to meet short suspense deadlines and project timelines.
Participate in project management activities, including tracking deliverables and documenting progress.
Support additional DCO-related taskings as assigned.