IT Compliance Administrator - Top Secret

About The Position

Requirements

• Working knowledge of IT governance, risk management, and compliance (GRC) principles.
• Knowledge of and experience supporting compliance efforts aligned with the following standards and frameworks: ISO 9000 (Quality Management Systems) ISO/IEC 20000 (IT Service Management) ISO/IEC 27001 (Information Security Management Systems) NIST SP 800-171 Revision 2 (Protecting Controlled Unclassified Information) NIST SP 800-171 Revision 3 NIST SP 800-53 (Security and Privacy Controls for Information Systems and Organizations)
• Understanding of control frameworks, security controls, and compliance documentation requirements.
• Experience with audit preparation, evidence collection, and remediation tracking.
• Strong documentation, analytical, and organizational skills.
• Ability to interpret regulatory requirements and translate them into practical IT and security controls.
• Effective communication skills, with the ability to work across technical and non-technical teams.

Nice To Haves

• Bachelor’s degree in Information Technology, Cybersecurity, Information Systems, or a related field. Experience and certifications may be substituted for degree.
• 5-7 Years of relevant experience
• Prior experience in an IT compliance, information security, or audit support role.
• Familiarity with GRC tools and compliance management platforms.
• Certifications such as CISA, ISO Lead Implementer/Auditor, CMMC Certified Auditor, or similar (preferred but not required).
• Experience supporting government, defense, or regulated industry compliance programs.

Responsibilities

• Support the development, implementation, and maintenance of IT compliance policies, standards, procedures, and controls.
• Assist with compliance activities related to information security, service management, and quality management frameworks.
• Coordinate and support internal and external audits, including preparation of documentation, evidence collection, and remediation tracking.
• Perform periodic compliance assessments, gap analyses, and risk assessments against applicable frameworks and standards.
• Maintain compliance documentation, including system security plans (SSPs), policies, procedures, and control mappings.
• Track and monitor corrective action plans (CAPs), plans of action and milestones (POA&Ms), and risk remediation efforts.
• Collaborate with IT and security teams to ensure controls are implemented, operating effectively, and aligned with regulatory and contractual requirements.
• Monitor changes to regulatory and standards-based requirements and assess impact to the organization.
• Support vendor and third-party risk assessments related to IT and information security compliance.
• Assist in developing compliance metrics, dashboards, and reporting for leadership.
• Provide guidance and awareness to staff regarding compliance requirements and best practices.