Support the development of technical standards and compliance policies based on frameworks such as CIS, DISA STIG, NIST, PCI-DSS, ISO, and HIPAA.
Configure and manage disk partitioning, filesystems, mount options, and LVM layouts for secure system deployments.
Configure and manage auditd services, audit rules, log retention policies, and audit log analysis to support security monitoring, traceability, and compliance reporting.
Implement secure authentication and access control mechanisms including SSH hardening, PAM configuration, sudo policies, password controls, account restrictions, and cron/at access management.
Write and maintain Bash/shell scripts to automate compliance checks, remediation activities, configuration validation, and reporting tasks.
Research security hardening updates, understand control intent and rationale, and document implementation approaches, exceptions, and remediation procedures for Linux systems.
Support the development of AI-assisted tools and basic agent workflows under guidance from senior team members.
Update and improve existing content as benchmarks, policies, and customer requirements evolve.
Support customers by helping identify and address compliance gaps with practical, well-documented solutions.
Requirements
experience to join our organization.
The ideal candidate has foundational to intermediate hands-on knowledge of Linux systems, scripting, and security frameworks, along with a growing interest in automation and AI-powered tooling.
Responsibilities Technical Research & Policy Support Assist in analyzing and documenting compliance controls across platforms including Windows, Linux, macOS, and network devices.
Linux Systems & Hardening Analyze, interpret, and implement Linux security hardening and compliance configuration
Work with Linux systems across enterprise distributions including RHEL, Ubuntu, CentOS, and Debian.
Harden Linux systems by configuring kernel parameters, disabling unnecessary kernel modules, and applying secure sysctl settings.
Work with critical Linux configuration files including /etc/passwd, /etc/shadow, sudoers, SSH configuration, PAM modules, fstab, systemd services, and audit configurations.
Automation & AI-Assisted Tooling Write and maintain automation scripts using Python, Shell scripting, and PowerShell to support compliance workflows.
Explore and apply LLM APIs (e.g., OpenAI, Anthropic Claude) to assist with research, content generation, and task automation.
Learn and apply prompt engineering techniques to interact effectively with AI models for compliance use cases.
Content Development & Collaboration Develop and maintain compliance scripts using PowerShell, Python, and shell scripting.
experience including: At least one RHEL-based distribution (RHEL / CentOS / Rocky / Alma) At least one Debian-based distribution (Ubuntu / Debian) Working knowledge of disk partitioning, filesystems, and mount management Basic to intermediate understanding of SELinux modes and contexts (good to have) Familiarity with kernel parameter tuning via sysctl
Experience with Linux auditing (auditd, audit rules, ausearch, aureport) Exposure to Linux system hardening guidelines (CIS Benchmarks or DISA STIG) Ability to read, write, and troubleshoot Bash/shell scripts Comfort working with system files: /etc/passwd, sudoers, SSH config, PAM, cron, syslog Automation & Scripting (Required) Python scripting (preferred for automation) Basic to intermediate proficiency Ability to independently write functional automation scripts Used in place of shell where more
Experience using AI-assisted development (“vibe coding”) tools such as GitHub Copilot, ChatGPT, Claude, Cursor, or similar tools to accelerate scripting, troubleshooting, research, and automation workflows Familiarity with or curiosity about LLM APIs (OpenAI, Anthropic Claude, or similar) and prompt-driven automation workflows Familiarity with or curiosity about LLM APIs (OpenAI, Anthropic Claude, or similar) General Technical Skills Foundational knowledge of Windows, Linux, macOS, networking, and database
Basic understanding of the MITRE ATT&CK framework Exposure to APIs and tools like Postman is a plus Required Soft Skills Strong written and verbal communication skills Eager to learn, grow, and take on new challenges Team player who can collaborate in a distributed team environment Organized and attentive to detail with a commitment to quality Ability to manage assigned tasks independently with minimal supervision Preferred Qualities Self-motivated with a genuine interest in security and compliance
requirements and priorities Interest in AI/ML trends and how they apply to security and automation
Experience
Required Technical Skills Linux 2+ years of hands-on
Additional details
Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are looking for a motivated and detail-oriented Compliance Research Analyst with 2–3 years of
This role involves research, analysis, and scripting to support the development and maintenance of compliance policies, technical standards, and target configuration as per CIS/DISA benchmarks.
We value curiosity, a willingness to learn, and a strong work ethic over perfection. Key
Help map controls to industry frameworks (e.g., MITRE, NIST) and document control categories, criticality ratings, and remediation steps.
requirements across enterprise server environments.
Configure and maintain SELinux in enforcing mode, including policy configuration, contexts, and validation of confined services.
Contribute to automation libraries and reusable script templates for compliance checks and remediation.
Work with cross-functional teams (Development, QA, Infrastructure) to deliver quality output on time.