Security Compliance Analyst

Title: Security Compliance Analyst
Location: Rockville, MD / Tysons, VA (ONSITE)

Description:
Seeking an experienced Security Compliance Analyst to support FISMA and FedRAMP compliance initiatives. This role involves developing and reviewing Security Authorization Packages (SSP, Contingency Plans, CMP, IRP, PIA, POA&M), leading compliance assessments, and ensuring adherence to NIST 800 series guidelines. You will collaborate with clients, audit teams, and internal stakeholders to deliver high-quality compliance artifacts and close audit findings.

Responsibilities:

• Lead FISMA/FedRAMP security assessments and documentation.

• Analyze vulnerability scans (Nessus, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite).

• Review/update security policies, standards, and procedures.

• Work with cross-functional teams to ensure compliance objectives are met.

Required Skills:

• Strong knowledge of NIST 800-30, 37, 53/53A, 60.

• Experience with FedRAMP, FISMA, SOC 2, RegSCI, PCI-DSS.

• Familiarity with Splunk and security assessment tools.

• Excellent communication and stakeholder engagement skills.

Preferred:

• Certifications: CISSP, CEH, AWS Security, CASP+, Security+.

• Bachelor s degree in IT or Cybersecurity (or equivalent experience).

• FedRAMP experience highly preferred.