Cyber Compliance Analyst (Subject Matter Expert)

Overview

On Site
USD 145,000.00 - 155,000.00 per year
Full Time

Skills

Information Systems
Analytical Skill
Use Cases
Workflow
Automated Testing
Reporting
Training
Collaboration
IT Risk
IT Risk Management
Investments
Roadmaps
Continuous Monitoring
Normalization
Cloud Computing
Google Cloud
Google Cloud Platform
Amazon Web Services
Regulatory Compliance
Incident Management
RMF
Risk Management Framework
FedRAMP
NIST SP 800 Series
Stakeholder Management
Negotiations
Communication
Root Cause Analysis
MEAN Stack
Policies and Procedures
Management
Asset Management
Configuration Management Database
Visualization
Clinical Data Management
SAP GRC
Network
IDS
IPS
Microsoft Azure
Firewall
Network Security
SIEM
Splunk
SolarWinds
SEM
Scanning Electron Microscope
Storage
Vulnerability Management
Qualys
Microsoft
Computer Science
Management Information Systems
Information Security
Information Assurance
Information Architecture
Impact Analysis
CISSP
CISM
CISA
GSEC
Security+
ISACA
Certified Ethical Hacker
Security Clearance
Dashboard
Service Level
Orchestration
Docker
Kubernetes
Microservices
DevOps
Continuous Integration
Continuous Delivery
Security Controls
Terraform
Ansible
Systems Architecture
Data Engineering
Streaming
Extract
Transform
Load
ELT
Data Modeling
Analytics
Python
Windows PowerShell
Data Collection
SAP BASIS
Law
FOCUS

Job Details

Job Description

ECS is seeking a Cyber Compliance Analyst (Subject Matter Expert) to work in our Washington, DC office.

Position Summary:
ECS seeks a Cyber Compliance Analyst and Subject Matter Expert to design, implement, and mature enterprise-wide continuous monitoring across a highly federated environment encompassing 400+ information systems. The role combines planning, establishing, and deploying an OA/CONMON Program; monitoring the program system(s); analyzing security data; and enabling enterprise systemic, automated observability and compliance. This position is full time/permanent supporting a U.S. Government civilian agency and is available upon selection of a qualified candidate with the appropriate background clearance.

Position Responsibilities:
  • Analyze, integrate, and operate an enterprise continuous monitoring program spanning 400+ systems, enabling both centralized visibility and domain-level autonomy.
  • Define data ingestion, normalization, and correlation patterns across multi-cloud, on-prem, and containerized workloads; implement resilient pipelines and schemas supporting operational and analytic use cases.
  • Embed monitoring and security controls into CI/CD workflows; codify monitoring configurations via IaC; implement automated testing and policy-as-code for guardrails.
  • Build and maintain dashboards, SLOs/SLIs, and executive reporting for availability, performance, and risk; reduce noise and alert fatigue through tuning and adaptive thresholds.
  • Lead root-cause analysis and post-incident reviews; drive corrective actions and architectural improvements across domains.
  • Establish common policies, standards, metrics, and procedures aligned to NIST SP 800-137, SP 800-53/53A, SP 800-30/-37/-39, and relevant 1800 series practice guides; harmonize with RMF, FedRAMP, and CMMC ConMon expectations.
  • Orchestrate vulnerability management at scale, integrating scanner outputs with CMDB/eGRC for risk-based remediation and POA&M tracking.
  • Partner with architects and engineers to design systemic, automated controls and telemetry paths as the enterprise matures; champion Zero Trust-aligned observability (identity, device, network, application, and data planes).
  • Provide ongoing enablement and training to domain teams; cultivate a community of practice for ConMon across the enterprise.
  • Collaborate with executive stakeholders to translate technical risk into business impact and to sequence investments on an enterprise roadmap.
Salary Range: $145,000 - $155,000

General Description of Benefits

Required Skills

  • Demonstrated expertise in operating continuous monitoring (ConMon) capabilities at enterprise scale in federated environments (400+ systems).
  • Expert-level knowledge of core ConMon processes and tooling, including data collection, normalization, alerting, correlation, dashboarding, and metrics.
  • Hybrid/multi-cloud proficiency across AWS, Microsoft Azure, and Google Cloud Platform, including native monitoring services (e.g., Amazon CloudWatch, Azure Monitor).
  • Security & compliance expertise: SIEM correlation and incident response runbooks; hands-on vulnerability management at scale; applied knowledge of RMF, FedRAMP, and CMMC ConMon requirements; alignment with NIST SP 800-137, SP 800-53/53A, and related guidance.
  • Strong stakeholder management, negotiation, and communication skills to drive standardization without eroding domain autonomy.
  • Proven root-cause analysis across layered architectures and proactive engineering to prevent alert fatigue and reduce mean time to detect/respond (MTTD/MTTR).
  • Governance experience in establishing common metrics, policies, and procedures for ConMon across disparate domains; ability to lead through influence.
  • Prior work in highly federated federal environments and complex inter-component data sharing.
  • Direct Experience with Monitoring & Tooling (non-exhaustive):
    • Asset Management: CMDB (asset discovery, incident/change integration, visualization)
    • CDM Data Platform: Elastic
    • General Monitoring/Telemetry: Datadog; next-gen/firewall telemetry ingestion
    • GRC: Archangel (or equivalent eGRC)
    • Network/IDS/IPS Telemetry: Azure Firewall (and related network security services)
    • SIEM: Splunk, SolarWinds Security Event Manager (SEM), Microsoft Sentinel
    • Storage/Lakehouse: Data lakes for security/ops analytics
    • Vulnerability Management: Tenable, Rapid7, Qualys, Wiz
    • XDR/EDR: Microsoft Defender

Certifications/Licenses:
  • Bachelor's degree in computer science, MIS/IT, Engineering, Information Security/IA, or related field (or equivalent experience).
  • One or more preferred certifications: CISSP, CISM, CISA, CAP, GSEC, Security+, CRISC, CEH, or equivalent.
  • Active Top Secret (TS) clearance (or higher) required.


Desired Skills

Additional Experience Preferred:
  • Experience designing dashboards and service-level objectives (SLOs) for security and reliability.
  • Familiarity with Zero Trust observability patterns and policy enforcement telemetry.
  • Container and orchestration monitoring (Docker, Kubernetes), with experience integrating telemetry from service meshes and microservices.
  • DevOps/CI-CD integration of monitoring and security controls; experience embedding gates and guardrails in pipelines.
  • Infrastructure as Code (IaC) for monitoring resources (Terraform, Ansible), including policy-as-code and drift detection.
  • Systems architecture and data engineering acumen: data federation patterns, streaming/ETL-ELT pipelines, schema and data-model design that supports both operations and analytics.
  • Automation experience (e.g., Python, PowerShell, REST) to reduce manual data collection/triage and to orchestrate response.

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3500+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.