Cybersecurity Compliance Specialist
Core Responsibilities:
In this role, you will:
Serve as the foremost authority on NIST SP 800-53, SP 800-171, and FedRAMP control requirements, working alongside cloud engineers, security personnel, and NASA ISSO stakeholders to translate compliance mandates into actionable engineering guidance. Your documentation, leadership, and technical rigor will shape the authorization and continuous monitoring of a platform that is actively expanding across new service boundaries and capability families.
A typical day might begin with reviewing updated control implementation evidence for an active ATO package or coordinating with the NASA ISSO on a compliance finding flagged during continuous monitoring. By midday you could be authoring new SSP sections for an expanding system boundary, translating a complex NIST control into step-by-step engineering guidance, or presenting compliance status to program leadership. You might be evaluating OSCAL-based tooling to automate evidence generation, assessing whether a proposed architecture change affects the authorization boundary, or working with AI-assisted tools to accelerate documentation. The work is substantive and directly tied to the secure operation of NASA critical infrastructure.
Minimum Qualifications:
Bachelor's Degree in Computer Science, Cybersecurity, IT, or equivalent
6 or more years of relevant cybersecurity compliance experience
Deep knowledge of NIST SP 800-53 and NIST SP 800-171 control frameworks
Experience authoring and maintaining System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and Security Assessment Reports (SARs)
Familiarity with FedRAMP or FISMA authorization processes
Experience working within a federal or NASA IT environment
Strong technical writing and compliance documentation skills
Ability to communicate complex compliance requirements clearly to engineering and leadership audiences
Working familiarity with OSCAL (Open Security Controls Assessment Language) or willingness to develop OSCAL-based SSP and assessment workflows
Comfort using AI-assisted tooling to accelerate compliance workflows such as control mapping, evidence summarization, and documentation drafting
Ability to excel in a remote work environment
Must be a U.S. citizen and obtain a U.S. Government background investigation.
Preferred Qualifications:
Experience with Google Cloud Platform (GCP) security tooling such as Security Command Center and Chronicle
Familiarity with ITAR-controlled systems or CUI handling requirements
CISSP, CAP, Security+, or equivalent certification
Experience with continuous monitoring automation tools
Prior NASA or federal civilian agency ATO experience
Hands-on experience with OSCAL tooling (e.g., NIST OSCAL CLI, Trestle, or similar) or machine-readable SSP generation
Experience using AI tools to accelerate compliance documentation, gap analysis, or control implementation guidance
Pay & Benefits
Salary is part of an overall compensation package and is determined within a range. This provides the opportunity for you to grow and develop within a role.
The salary range for this role is between $100,000 and $160,000, and your salary will depend on your skills, qualifications, experience and location.
You will also receive benefits including comprehensive medical, dental, and vision coverage with a health savings account, a 401k retirement plan with company match, and company-paid life and disability insurance. We also offer permissive leave and holidays.
RA231 is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin,
