IT Audit & Compliance Analyst (Federal Cybersecurity Frameworks)

About The Position

Requirements

• Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse.
• Bachelor’s degree in information systems, Cybersecurity, Computer Science, Accounting/IS Audit, or a discipline related to this project.
• Three (3) or more years of IT Audit & Compliance experience.
• Experience implementing or assessing NIST SP 800‑53 control requirements in production environments (cloud and/or on‑prem).
• Knowledge of federal cybersecurity and audit frameworks. (This could include NIST SP 800‑37 (RMF), NIST SP 800‑171, FISMA, FISCAM, OMB Circular A‑123, or FedRAMP.)
• Demonstrated ability to create accurate, assessor‑ready documentation (This could include: SSPs, procedures/SOPs, control narratives, POA&Ms, ConMon reporting, evidence packages).

Nice To Haves

• Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred.
• Preference will be given to candidate's located within the DC Metropolitan area.
• Active and/or the ability to maintain a Top-Secret security clearance.
• Federal consulting experience.
• Relevant certifications including, but not limited to: CISA, CGRC, CISM, CISSP, and CCSP.
• Experience supporting internal audits or external assessments (e.g., 3PAO, independent assessor, IG, state/federal auditors).
• Familiarity with enterprise processes such as IT Service Management, Change Management, and SDLC/DevSecOps workflows that commonly supply audit evidence.
• Experience collecting and organizing technical and procedural evidence such as IAM configurations, logging/monitoring outputs, vulnerability scans, patch evidence, change records, architecture diagrams, and DR/backup artifacts.
• Understanding of common security domains: access management, configuration hardening, vulnerability management, logging/monitoring, incident response, backup/DR, encryption/key management, and SDLC/DevSecOps.
• Strong written and verbal communication skills, with the ability to work across diverse teams and translate technical concepts into assessor‑friendly language.

Responsibilities

• Coordinate internal and external audit activities across federal information systems, ensuring teams, schedules, evidence, and documentation remain audit‑ready.
• Prepare, maintain, and organize assessor‑ready artifacts including SSPs, control narratives, SOPs, POA&Ms, continuous monitoring reports, and structured evidence packages.
• Interpret and apply requirements from federal cybersecurity and audit frameworks, including: NIST SP 800‑53 (security and privacy controls), NIST SP 800‑37 (RMF), NIST SP 800‑171 (CUI), FISMA, FISCAM, OMB Circular A‑123, FedRAMP, and adjacent frameworks such as SOC 1/2, HIPAA, the Privacy Act, and IRS Publication 1075.
• Support audit readiness activities by coordinating evidence collection with engineering, ISSO/ISSM, infrastructure, cloud, and application teams.
• Track audit findings, maintain POA&M items, and facilitate remediation progress across technical and business teams.
• Translate technical implementations into clear, assessor‑ready documentation through strong technical writing and stakeholder coordination.
• Draft and refine policies, procedures, and control narratives, and coordinate teams through internal audits, readiness assessments, and corrective action plans.

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend