We are seeking a Senior IT Governance & Compliance Analyst to support a portfolio of internal applications that underpin regulatory, supervisory, and consumer protection functions. These systems handle sensitive data and are subject to continuous federal compliance requirements.
This role combines IT governance, compliance, and business analysis, ensuring adherence to federal standards while translating complex stakeholder needs into actionable application requirements.
Key Responsibilities
· Lead FISMA compliance activities, including maintenance of System Security Plans (SSPs), security categorizations, and supporting artifacts.
· Coordinate Authority to Operate (ATO) processes, working closely with security and privacy stakeholders through assessment and authorization cycles.
· Develop and maintain Privacy Impact Assessments (PIAs) for systems handling sensitive and personally identifiable information (PII).
· Maintain accurate IT system inventory and ensure alignment with federal reporting requirements.
· Support data governance and privacy compliance, including data classification and records management.
· Serve as a liaison between the security, privacy, and compliance teams and application stakeholders.
· Identify, track, and escalate compliance gaps and risks, ensuring timely remediation.
· Prepare documentation for audits, assessments, and regulatory reviews.
· Elicit, analyze, and document business and functional requirements from stakeholders including economists, policy analysts, attorneys, and program staff.
· Translate business needs into process flows, use cases, and functional specifications.
· Collaborate with technical teams to prioritize, scope, and deliver application enhancements.
· Develop process and data flow diagrams to support system design and governance.
· Support user acceptance testing (UAT), including test case development and validation.
· Act as a bridge between business and technical teams, ensuring clear communication and alignment.
Required Qualifications
· Proven experience with FISMA compliance documentation, including SSPs and A&A artifacts.
· Experience supporting ATO processes and federal security assessments.
· Familiarity with NIST SP 800-53 and NIST SP 800-37 frameworks.
· Experience developing or maintaining Privacy Impact Assessments (PIAs).
· Hands-on experience in business analysis, including requirements gathering and documentation.
· Strong ability to create process models and functional specifications.
· Excellent written communication skills with a focus on documentation and compliance artifacts.
· Experience with process modeling tools such as Visio, Lucidchart, or similar.
Preferred Qualifications
· Experience in a U.S. Federal Government environment.
· Knowledge of data governance, records management, and privacy regulations.
· Professional certifications such as CISSP, CIPP, CRM, or equivalent.
______________________________________________________
No Phone Calls Please
Please send your resume as an attachment and include all of your contact details.