IT Security Specialist I – Compliance and Governance

GAMA-1 TechnologiesKey Biscayne, FL
Hybrid

About The Position

The IT Security Specialist I – Compliance and Governance is responsible for providing senior-level leadership for cybersecurity governance, risk management, compliance, and audit readiness activities in a remote and on-site environment. This role oversees the implementation, assessment, and continuous monitoring of security controls to ensure compliance with federal regulations and frameworks, including NIST, FISMA, RMF, FISCAM, and ISO 27001. Success in this role is demonstrated by maintaining audit readiness, strengthening organizational compliance, effectively managing cybersecurity risk, and driving continuous improvement across security governance and compliance programs.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Information Assurance, Engineering, Business, or a related field (or equivalent combination of education and experience).
  • 8+ years of progressive experience supporting cybersecurity governance, compliance, risk management, information assurance, or audit readiness programs.
  • Minimum of 5 years serving in a senior Information Assurance (IA), Governance, Risk, and Compliance (GRC), or cybersecurity management role.
  • Demonstrated experience supporting federal civilian or cabinet-level agency cybersecurity programs.
  • Hands-on experience utilizing CSAM or similar Governance, Risk, and Compliance (GRC) platforms.
  • Extensive knowledge of NIST SP 800-53, FISMA, A-123, FISCAM, RMF, and related federal cybersecurity frameworks.
  • Working knowledge of ISO 27001 principles and Information Security Management Systems (ISMS).
  • Experience developing, reviewing, and assessing security controls, compliance documentation, and audit artifacts.
  • Experience managing POA&M processes, vulnerability remediation activities, and risk mitigation efforts.
  • Strong analytical, organizational, communication, and technical writing skills.
  • Ability to communicate complex technical and compliance concepts to both technical and non-technical audiences.
  • Ability to obtain a security clearance.

Responsibilities

  • Leads cybersecurity compliance, governance, risk management, and audit readiness efforts by overseeing security controls, assessments, documentation, and regulatory compliance activities to support and maintain a strong federal cybersecurity posture.
  • Provide direct support to cybersecurity, compliance, governance, and information assurance personnel while leading compliance and governance activities supporting FISMA, NIST SP 800-53, A-123, FISCAM, RMF, ISO 27001, and agency-specific cybersecurity requirements.
  • Oversee the implementation, documentation, assessment, and continuous monitoring of security controls across assigned systems and environments, including governance activities within governance, risk, and compliance (GRC) platforms.
  • Coordinate and support internal and external audits, assessments, inspections, and reviews conducted by OIG, GAO, independent assessors, and agency stakeholders; develop and maintain audit-ready documentation, compliance artifacts, and governance records.
  • Review, validate, and approve Plans of Action and Milestones (POA&Ms); monitor remediation efforts through closure; and coordinate penetration testing, vulnerability reviews, security control assessments, and compliance evaluations to identify and address security gaps.
  • Support risk management activities, including risk identification, analysis, mitigation planning, executive reporting, and the preparation of monthly compliance, risk, and security posture reports for federal leadership and program stakeholders.
  • Develop and maintain security governance documentation, including policies, procedures, standards, control narratives, system security documentation, transition plans, continuity documentation, and operational handoff artifacts.
  • Provide expert guidance to technical, operational, and program management teams and collaborate with cybersecurity, infrastructure, application, cloud, and business stakeholders to ensure security requirements are effectively implemented and maintained.
  • Evaluate changes to federal cybersecurity regulations, NIST publications, OMB guidance, and industry standards, and support continuous process improvement initiatives that strengthen compliance, audit readiness, and risk management capabilities.

Benefits

  • health insurance coverage
  • life and disability insurance
  • 401(k) savings plan
  • training and career development opportunities
  • paid holidays
  • paid time off (PTO - to cover vacation, illness or disability, appointments, emergencies or other situations that require time off from work)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service