Cybersecurity & Compliance Analyst (Information Security Analyst I)

Ascension, LLC

Washington · Hybrid · Full-time · Entry Level · $75k – $95k/yr · Today

About the role

Job Summary

Ascension LLC is seeking a Cybersecurity & Compliance Analyst (Information Security Analyst I) to support the National Science Foundation (NSF), Office of the Chief Human Capital Officer (OCHCO), in coordination with the Office of the Chief Information Officer (OCIO).

This role is critical to ensuring that NSF’s human capital systems, analytics platforms, and HR technology ecosystem operate in full compliance with federal cybersecurity and data privacy standards, including FISMA, FedRAMP, and NIST 800-53.

The ideal candidate is an early-career cybersecurity professional who is passionate about protecting federal data, supporting compliance frameworks, and enabling secure digital transformation across enterprise HR systems and analytics platforms. This role directly supports NSF’s mission to modernize human capital analytics while safeguarding sensitive workforce data and systems.

Position Summary

The Cybersecurity & Compliance Analyst will support NSF OCHCO’s mission to modernize human capital analytics and HR technology by ensuring all systems, data, and processes meet federal security, privacy, and compliance requirements.

The ideal candidate is:

  • Detail-oriented and analytical, with strong documentation and assessment skills
  • Self-driven and capable of working in a dynamic, evolving federal environment
  • Proactive in identifying risks, compliance gaps, and remediation strategies
  • Able to support multiple systems, stakeholders, and compliance frameworks simultaneously

This role will focus on:

  • Supporting security assessments, audits, and compliance documentation
  • Monitoring adherence to FISMA, FedRAMP, NIST 800-53, and Section 508 requirements
  • Assisting with continuous monitoring, vulnerability tracking, and reporting
  • Ensuring secure handling of HR data, workforce analytics platforms, and enterprise systems

The candidate will help NSF reduce risk, strengthen governance, and maintain compliance across its HR technology and analytics ecosystem.

Key Responsibilities / Day-to-Day Activities

  • Conduct security control assessments aligned with NIST 800-53 and agency policies
  • Support FISMA and FedRAMP compliance monitoring and reporting activities
  • Review system security plans (SSPs), POA&Ms, and audit documentation
  • Track vulnerabilities, risks, and remediation efforts across HR systems and platforms
  • Assist with continuous monitoring activities, including security metrics and dashboards
  • Coordinate with OCIO and system owners to ensure compliance with IT security policies
  • Document compliance artifacts, audit findings, and corrective action plans
  • Support incident response documentation and reporting activities
  • Evaluate access controls, identity management, and MFA implementation
  • Perform data privacy reviews to ensure compliance with the Privacy Act and federal data policies
  • Participate in security reviews for systems such as SAP SuccessFactors, ServiceNow, and analytics platforms
  • Contribute to quarterly and annual security compliance assessments and reports
  • Ensure Section 508 accessibility compliance for digital tools and reporting outputs
  • Assist with security awareness and compliance training tracking

Minimum / Required Qualifications

  • Bachelor’s Degree in Cybersecurity, Information Systems, Computer Science, or related field
  • 3–5 years of experience in cybersecurity, information assurance, or compliance support
  • Knowledge of federal cybersecurity frameworks:
    • FISMA
    • NIST 800-53
    • FedRAMP
  • Experience supporting:
    • Security documentation (SSP, POA&M, ATO artifacts)
    • Risk assessments and compliance reviews
  • Familiarity with:
    • Identity and Access Management (IAM)
    • Multi-Factor Authentication (MFA)
  • Experience with Microsoft 365 environment (SharePoint, Teams, etc.)
  • Strong analytical, documentation, and communication skills

Certifications (Preferred but not required):

  • CompTIA Security+
  • Certified Information Systems Security Professional (CISSP) (Associate acceptable)
  • Certified Information Security Manager (CISM)

Desired Skills / Preferred Qualifications

  • Experience supporting federal HR systems or enterprise IT environments
  • Familiarity with:
    • SAP SuccessFactors
    • ServiceNow
    • Power Platform (Power BI, Power Automate)
  • Experience with vulnerability scanning tools and compliance dashboards
  • Knowledge of:
    • NIST 800-171 (CUI)
    • OMB A-130
    • Privacy Act (5 U.S.C. § 552a)
  • Exposure to ATO processes or RMF lifecycle
  • Experience supporting audits or Inspector General reviews
  • Understanding of data governance and privacy controls in analytics environments

Suitability / Security Requirements

  • Ability to obtain and maintain a Federal Public Trust (Moderate Risk)
  • Must pass background investigation in accordance with federal requirements

Benefits

  • Paid time off

Work Location

Hybrid remote in Washington, DC 20590

Skills

FISMA, MFA, Microsoft 365, NIST 800-53, Power BI, Power Automate, RMF, SAP SuccessFactors, ServiceNow, SharePoint, Security+, Section 508, CISSP, CISM, Compliance, Cybersecurity, FedRAMP, IAM, NIST 800-171, OMB A-130, Privacy Act, Teams, Vulnerability Scanning
