Cybersecurity Controls

Cybersecurity Controls & Compliance Analyst

Job Locations

US-TN-Oak Ridge

ID

2025-4213

Category

Information Technology

Type

Full Time

Overview

This position supports the U.S. Department of Energy Office of Scientific and Technical Information (DOE OSTI) in its mission to ensure the long-term preservation and accessibility of DOE scientific and technical information. The role focuses on assessing cybersecurity controls, supporting audit readiness, and ensuring compliance with federal cybersecurity frameworks and OSTI's internal policies. This role is primarily focused on compliance and documentation rather than hands-on technical work. This is onsite in Oak Ridge, TN.

Responsibilities

Position-Specific Duties

• Evaluate and document the effectiveness of cybersecurity controls across OSTI's network and systems.
• Support internal and external audits, including evidence collection, control mapping, and remediation tracking.
• Support and partner with stakeholders in conducting risk assessments and gap analyses to ensure alignment with NIST, FISMA, and DOE cybersecurity requirements.
• Collaborate with system owners and technical teams to ensure security controls are implemented and maintained.
• Monitor compliance with OSTI's cybersecurity policies, procedures, and standards.
• Maintain and update system security plans (SSPs), risk registers, and control documentation.
• Assist in the development and refinement of cybersecurity governance processes.
• Analyze security event data to identify control weaknesses and recommend improvements.
• Support the implementation of continuous monitoring strategies and reporting mechanisms.
• Coordinate with third-party cybersecurity teams and federal oversight bodies as needed.
• Prepare technical documentation and compliance reports for internal and external stakeholders.
• Stay current on cybersecurity regulations, audit trends, and best practices.
• Assist with installation, configuration, and maintenance of security tools used for compliance monitoring.
• Perform other duties as assigned.

Qualifications

Education, Training, Experience

• High school diploma required.
• Prefer degree or coursework in cybersecurity, information assurance, audit, or related field.
• Minimum of 3 years' experience in cybersecurity, audit, or compliance roles.

Knowledge, Skills, Abilities

• Possesses strong understanding of cybersecurity frameworks (e.g., NIST SP 800-53, FISMA, RMF), implementing and adapting them to specific organizational needs.
• Performs risk assessments, identifies control gaps, and recommends strategic remediation efforts based on organizational risk appetite.
• Supports audits, leads audit responses and compliance assessments, coordinates evidence collection, and develops corrective action plans in a federal or regulated environment.
• Leverages SIEM tools (e.g., Splunk), vulnerability management, and control monitoring platforms.
• Works independently and collaboratively across technical and non-technical teams.
• Exhibits excellent analytical, documentation, and communication skills.
• Detail-oriented with a commitment to quality assurance and continuous improvement.
• Manages multiple projects and deadlines in a fast-paced environment.
• Maintains a high level of initiative, customer service, and professional growth mindset.

Physical Abilities

• Ability to sit for long periods.
• Ability to view computer monitors for long periods.

Ability to provide proof of US Citizenship on your first day of employment to obtain a DOE HSPD-12 Badge in accordance with the terms of the contract. Department of Energy OSTI's policy direction requires all employees employed on this contract to be citizens of the United States.

We are proud to be an EEO/AA employer M/F/D/V. We maintain a drug-free workplace and perform pre-employment substance abuse testing.

About Us:

Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services, and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018 through 2024.

It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other status protected by applicable law.

#LI-SW1

---