Sr. Security RMF Audit Analyst

Synergy BIS
Elizabeth City, NC

:

NOTE: This role is contingent on the contract being awarded.

Synergy Business Innovation & Solutions is a premier implementer of cutting-edge software solutions. Synergy brings the experience and expertise necessary to deliver capability that provides tangible ROI to our customers. Synergy's core areas of expertise are in the fields of Digital Transformation, Cloud Solutions, SaaS and Low-Code/No-Code solutions, Emerging Technologies, Data analytics and Visualization, Information Assurance, and Business Process Re-Engineering.

Synergy offers its employees a generous portfolio of core and voluntary benefits including group medical, dental, and vision insurance, HSA, FSA, 401(k) with immediately vested company match, PTO/Sick Leave, 11 paid federal holidays, company paid life, short-term and long-term disability insurance, tuition and training reimbursement, fitness/wellness reimbursement, a referral bonus program, and life management programs.

At Synergy, you'll be challenged and given the opportunity to grow in your career path. In fact, growth is such a big deal to us that you will have dedicated career coaches available for every employee, company-funded certification opportunities, education reimbursement, and a general open-door policy so that you have support when you need it. Our team is eager to learn, fast-paced, and quality-driven—if that sounds like you, Synergy has a position for you!

NOTE: This role is contingent on the contract being awarded. Position Summary: Synergy is seeking a Sr. Security RMF Audit Analyst to support the United States Coast Guard (USCG) at the Aviation Logistics Center (ALC)—Information Systems Division (ISD). The Sr. Security RMF Audit Analyst will lead audit preparation and execution, support continuous RMF lifecycle activities, and oversee compliance with federal cybersecurity requirements across on-premises, virtual, and cloud-hosted systems. This position will serve as a senior technical advisor in security compliance efforts, guiding cross-functional teams through POA&M development, control remediation, ATO documentation, and continuous monitoring in accordance with NIST 800-53, DHS 4300A, and FISMA standards. Primary Responsibilities:
  • Oversee the Risk Management Framework (RMF) lifecycle, including assessment, authorization, and continuous monitoring across all ALC-ISD systems.
  • Lead and coordinate internal and external cybersecurity audits, including pre-audit readiness assessments and post-audit remediation tracking.
  • Validate the implementation of security controls (NIST SP 800-53 Rev. 5) and ensure they are effectively documented within System Security Plans (SSPs), Security Assessment Reports (SARs), and related artifacts.
  • Design and implement vulnerability management strategies, assess threat vectors, and develop comprehensive Plans of Action and Milestones (POA&Ms).
  • Analyze cyber risks and provide guidance on remediation strategies aligned with DHS policy and evolving cybersecurity threats.
  • Perform and document risk assessments, penetration testing coordination, and impact analyses to evaluate the security posture of information systems.
  • Collaborate with Security Control Assessors (SCAs), engineers, ISSOs, and DevSecOps teams to ensure audit alignment with enterprise system modernization efforts.
  • Manage and maintain audit packages, compliance dashboards, and evidence repositories using platforms like Jira, Confluence, and SharePoint.
  • Assess and validate configurations of infrastructure (e.g., Windows, Linux, databases, Active Directory) for compliance with security benchmarks (e.g., DISA STIGs, CIS).
  • Draft and update security-related documentation including SOPs, incident response plans, and security test procedures.
  • Serve as a subject matter expert to stakeholders on RMF best practices, ATO sustainment, and security documentation management.
  • All other duties as assigned by management.
Skills/Qualifications:
  • Advanced knowledge of NIST RMF, NIST SP 800-37, 800-53, DHS 4300A, and FISMA compliance.
  • Experience preparing and maintaining RMF ATO documentation and conducting system assessments.
  • Familiarity with Security Information and Event Management (SIEM) platforms for log analysis and incident monitoring.
  • Proficient in evaluating and documenting security configurations and technical implementations for federal systems.
  • Strong understanding of cybersecurity audit workflows, control testing, and risk-based prioritization of vulnerabilities.
  • Excellent writing and communication skills, capable of producing technical documentation and executive summaries.
  • Experience in Agile or DevSecOps environments, with a strong understanding of security integration within CI/CD pipelines.
Education/Experience Requirements:
  • Bachelor's or Associate's degree in Computer Science, Math, Information Technology, Engineering, or related field. Two (2) years of directly relevant experience may substitute for one (1) year of formal education.
  • Minimum of five (5) years of experience in Information security with auditing and IT controls design experience.
  • Minimum of five (5) years of experience with Security Information and Event Management (SIEM).
  • Minimum of five (5) years of experience in the risk management framework.
  • Hands-on experience with Active Directory, Windows/UNIX systems, and relational databases in secure environments.
  • Previous support of federal government enterprise systems or DHS/DOD programs is strongly preferred.
Clearance:
  • U.S. citizenship required
  • Must have an active DoD Secret Clearance.
Certification Requirement:
  • CompTIA Security+
  • Additional certifications (Network+, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals, Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), ITIL Foundation, TOGAF, or other cybersecurity architecture certifications) are a plus.
Work Location:
  • Elizabeth City, NC - Hybrid
  • North Carolina Region - Must be able to go on-site at least three days a week
Compensation for roles at Synergy varies depending on a wide variety of factors including but not limited to the requirements of the role; education and certifications; knowledge, training, skills and abilities; level of experience; geographic location; and alignment with market data, law, and other business and organizational needs. As required by local law, the posted pay range represents the lowest to the highest pay that Synergy believes in good faith it might pay for this particular job, depending on the circumstances. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case.

Essential Job Function Physical Requirements: The physical requirements of this position are critical in evaluating the qualifications and abilities of an applicant or employee. The physical efforts needed to perform the essential duties of this job 90% of the time are repetitive motions, grasping, holding, and finger dexterity of the hands, reading, writing, eye-hand coordination, color distinction, and full visual abilities, hearing, talking, sitting, and use of IT equipment, phones, and office machines.

To a reduced degree, <30% of the time, candidates may have to stand, walk, lift 0-30 pounds, push or pull objects, climb stairs, bend, squat, reach, drive a car, or work overtime.

Synergy is an equal opportunity employer, and does not discriminate against applicants for employment or its employees on the basis of age, race (including hair texture/style), creed, color, religion, religious creed, ancestry, national origin, ethnic origin, sexual orientation, gender identity or expression, military or veteran status, sex, medical condition, pregnancy (childbirth, breastfeeding, and related medical conditions), physical or mental disability, personal appearance, organ donation and hair length associated with race, genetic information or characteristics, family responsibilities, familial status, marital status, citizenship or immigration status, status as a victim of domestic violence, a sexual offense, or stalking, political affiliation, arrest records and criminal convictions, credit information, matriculation, homeless status, or any other characteristic protected by federal, state and local law. Discrimination or harassment based upon these protected categories is expressly prohibited. This policy applies to all aspects of employment, including job selection, assignment, promotion, compensation, benefits, training, discipline and termination.

#LI-Hybrid

Posted 2026-06-30

Recommended Jobs

Multifamily Construction Project Manager

Element Construction Llc
Greensboro, NC

Job Description Job Description Project Manager Element Construction is a vertically integrated multifamily developer builder with a focus on Class A multifamily projects across the South East…

View Details
Posted 2026-06-24

Remote Customer Service Representative

Escape Travel by Jonelle
Raleigh, NC

Company Description Escape Travel by Jonelle is a remote-based travel service dedicated to helping clients plan memorable and stress-free trips. The company focuses on personalized travel experience…

View Details
Posted 2026-06-24

Full Time Forklift Operator/Load Builder Needed in the Great State of North Carolina

Contract Lumber
Whiteville, NC

Location: Whiteville , North Carolina   Salary Range: Up to $18/Hr. (Based on Experience) Full Benefits, Profit Sharing & 401K Monday – Friday, 1 st Shift (Flexible) 40hrs/wk. (ability to…

View Details
Posted 2026-05-18

Dishwasher

First Watch Restaurants, Inc.
Hickory, NC

Overview Our YOU FIRST Philosophy In addition to no night shifts, ever and our fully chef-curated menu, our #1 priority has always been our people. We care about our customers, and we care …

View Details
Posted 2026-06-29

Handyman Needed (Wilmington)

Lula
Wilmington, NC

Job Description Job Description Lula is looking for a 1099 Handyman Pro to help with property maintenance of several thousand rental properties across the Wilmington area . We are seeking ind…

View Details
Posted 2026-04-23

Experienced Financial Software Engineer

Galatea Associates
Durham, NC

Job Description Job Description Galatea is looking for an experienced Financial Software Engineer to join our growing team!  We are at the center of the digital revolution in finance and are look…

View Details
Posted 2026-06-13

Internet Sales Manager/Social Media Manager

Porsche Charlotte Northlake
Charlotte, NC

Job Description Job Description ```html Porsche Charlotte Northlake is seeking a dynamic and experienced Internet/Social Media Manager to join our team in Charlotte, NC. This role is responsibl…

View Details
Posted 2026-06-29

Director of Operations and Business Development

Cornerstone Caregiving
Greenville, NC

About the job We are looking for someone who: Wants to leave behind the typical structured, 8-5 desk job Is willing to bet on themselves and be financially rewarded for it Enjoys problem-sol…

View Details
Posted 2026-04-11

Septic Service Technicians and Drivers

Quality Homes Consultants Inc
Hendersonville, NC

Job Description Job Description Septic inspection company in Hendersonville seeking full-time septic technicians and CDL drivers. Multiple positions currently open. Prior septic technician experi…

View Details
Posted 2026-06-05

Sr. Electrical Engineer

KnowHireMatch
Rocky Mount, NC

Please read full job description before applying to ensure match: Candidates must have a Degree in Engineering with focus on Electrical throughout career. CAD (incl. Drafting) required, and PMP is a …

View Details
Posted 2026-06-30