Job Description
Company: eTRANSERVICES
Location: Hyattsville, US
An Active Public Trust Clearance is required for these positions.
Summary
Risk Management Framework and Cloud Security Operations Support Service
Key Duties:
• Assist in development, review, and maintenance of System Security Plans (SSPs) and SA&A supporting artifacts under the direction of LCAT-02
• Develop, track, and update POA&M entries monthly; maintain 100% monthly update AQL across all assigned NCHS systems
• Conduct policy analysis and develop Policy Analysis & Gap Assessment Reports comparing NCHS practices against evolving NIST, HHS, CDC, and OMB requirements
• Support FISMA reporting activities and data calls submitted to DHS and OMB on behalf of the NCHS ISSO/SSPO
• Develop and maintain Process Documentation, SOPs, templates, and process flow diagrams (e.g., SSP templates, Change Request SOPs, risk assessment templates)
• Develop annual RMF/security Training Materials and Delivery Plans for NCHS staff and stakeholders (due first week of November)
• Conduct ISSO Intranet Content Review and produce the associated report with accuracy confirmation and update recommendations (due first week of February)
• Perform security control reviews and gap analyses; support weakness remediation tracking and documentation
• Contribute to weekly Project Management/Status Reports and Monthly RMF Status Reports
Qualifications:
• 3–6 years of federal information security, RMF, or IT compliance experience
• Solid working knowledge of NIST SP 800-37, 800-53, 800-30, 800-18, FIPS 199/200, OMB A-130, and FISMA compliance requirements
• Experience with federal SA&A artifact development and proficiency with GRC platforms (RSA Archer or comparable)
• Demonstrated ability to independently draft clear, technically accurate federal security and compliance documentation.
• Experience supporting RMF/security training material development and stakeholder briefings in a federal environment
• Familiarity with HHS/CDC EPLC security review requirements and federal IT compliance frameworks
• Strong attention to detail; ability to manage multiple concurrent deliverables against fixed deadlines
Certifications
• CompTIA Security+ — required at minimum
• Certified Authorization Professional (CAP / ISC²) — preferred
• CISSP — highly encouraged; pursuit actively supported
• Equivalent DoD 8570/8140 IAT Level II or higher certification accepted
Source: LinkedIn