IT Audit & Compliance Analyst – Federal Cybersecurity Frameworks
Job Description:
• Guidehouse is seeking an IT Audit & Compliance professional to help our client at a large federal agency pursue and maintain compliance with federal cybersecurity frameworks.
• This role focuses on audit preparation and coordination. The candidate will:
• Coordinate internal and external audit activities across federal information systems, ensuring teams, schedules, evidence, and documentation remain audit‑ready.
• Prepare, maintain, and organize assessor‑ready artifacts including SSPs, control narratives, SOPs, POA&Ms, continuous monitoring reports, and structured evidence packages.
• Interpret and apply requirements from federal cybersecurity and audit frameworks, including: NIST SP 800‑53 (security and privacy controls), NIST SP 800‑37 (RMF), NIST SP 800‑171 (CUI), FISMA, FISCAM, OMB Circular A‑123, FedRAMP, and adjacent frameworks such as SOC 1/2, HIPAA, the Privacy Act, and IRS Publication 1075.
• Support audit readiness activities by coordinating evidence collection with engineering, ISSO/ISSM, infrastructure, cloud, and application teams.
• Track audit findings, maintain POA&M items, and facilitate remediation progress across technical and business teams.
• Translate technical implementations into clear, assessor‑ready documentation through strong technical writing and stakeholder coordination.
• Draft and refine policies, procedures, and control narratives, and coordinate teams through internal audits, readiness assessments, and corrective action plans.
Requirements:
• Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse.
• Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred.
• Bachelor’s degree in Information Systems, Cybersecurity, Computer Science, Accounting/IS Audit, or a discipline related to this project.
• Three (3) or more years of IT Audit & Compliance experience.
• Experience implementing or assessing NIST SP 800‑53 control requirements in production environments (cloud and/or on‑prem).
• Knowledge of federal cybersecurity and audit frameworks. (This could include NIST SP 800‑37 (RMF), NIST SP 800‑171, FISMA, FISCAM, OMB Circular A‑123, or FedRAMP.)
• Demonstrated ability to create accurate, assessor‑ready documentation (this could include SSPs, procedures/SOPs, control narratives, POA&Ms, ConMon reporting, evidence packages).
• Preference will be given to candidates located within the DC Metropolitan area.
Benefits:
• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend