Information System Security Compliance Analyst - Noblis

Key Responsibilities

• Manage the end‑to‑end security authorization process for one or more federal information systems, from initial package preparation to ATO issuance.
• Develop, update, and maintain compliance artifacts such as System Security Plans, Risk Assessments, and POA&M reports in line with NIST RMF and NIST SP 800‑53 requirements.
• Conduct continuous monitoring activities, including vulnerability assessments, security control testing, and remediation tracking.
• Coordinate with system owners, developers, and auditors to resolve security findings and ensure timely implementation of corrective actions.
• Provide guidance and training to stakeholders on federal cybersecurity policies, risk management processes, and documentation standards.

Requirements

• Experience applying NIST Risk Management Framework (RMF) and NIST SP 800‑53 controls in a federal environment.
• Proven ability to produce and maintain security authorization packages, System Security Plans, and POA&M documentation.
• Strong understanding of continuous monitoring practices, vulnerability management, and risk assessment techniques.
• Excellent written and verbal communication skills for clear documentation and stakeholder interaction.
• Relevant certifications (e.g., CISSP, CISM, Security+, or equivalent) are preferred.