Security Analyst III

Remote • Posted 1 hour ago • Updated 1 hour ago
Full Time
No Travel Required
Remote
Depends on Experience

Job Details

Skills

  • Regulatory Compliance
  • FISMA
  • Cloud Security
  • Vulnerability Management

Summary

Security Analyst III

Position: Full-Time

Location: Remote / Baltimore, MD Metro Area

Clearance: Public Trust required

Position Overview

The Security Analyst III is a senior member of the Security Compliance Team, providing advanced compliance analysis, ISSO engagement, vulnerability remediation oversight, and ATO sustainment across assigned CCSQ FISMA systems. This role serves as a senior technical expert on one or more assigned FISMA systems, guiding compliance activities, mentoring junior analysts, and ensuring audit-ready documentation and posture reporting.

Key Responsibilities

  • Manage CFACTS artifacts and maintain audit-ready authorization documentation across assigned CCSQ FISMA systems
  • Lead FISMA compliance activities across CMS OIT Hybrid Cloud, QualityNet AWS, and SaaS/PaaS environments
  • Support ISSOs and ADOs with control evidence collection, POA&M lifecycle management, and CSRAP/CIO review readiness
  • Track and report on ATO maintenance milestones, CFACTS activities, and scheduled CSRAP and authorization events
  • Support Security Impact Analyses (SIAs) and coordinate with ISSOs to maintain alignment with delivery cadence
  • Monitor vulnerability scan findings, ensuring updates are recorded at least every 72 hours covering 100% of in-scope IT assets
  • Support ADO vulnerability remediation through analysis, coordination, and escalation reporting against CMS SLA targets
  • Validate system configurations against CMS policy, NIST guidance, CIS benchmarks, and cloud vendor best practices
  • Validate logging, monitoring, and detection coverage for assigned systems
  • Assess and validate defense-in-depth control implementation; record gaps and remediation in CMS-approved tracking tools
  • Attend PI Planning events; provide security user stories, dependency identification, and evidence guidance
  • Support tabletop tests (TTTs) – planning, execution, and after-action documentation
  • Mentor Security Analyst II staff and quality-review compliance artifacts and reporting products
  • Contribute senior-level analysis to the Weekly Vulnerability & Compliance Briefing and Monthly Executive Summary

Required Qualifications

  • Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field
  • 7+ years of information security experience with significant focus on FISMA compliance and federal security authorization
  • Expert-level knowledge of NIST RMF (SP 800-37), NIST 800-53, and CMS ARS/CSRAP processes
  • Demonstrated experience maintaining ATOs and managing CFACTS in a CMS or comparable federal environment
  • Proficiency with vulnerability management tools (Tenable, Nessus); experience tracking POA&Ms and SLA compliance
  • Strong experience with ISCM methodologies and continuous authorization / cATO approaches
  • Familiarity with AWS cloud security controls and configuration baselines
  • Excellent written communication; ability to produce executive-quality deliverables and compliance artifacts
  • Experience in SAFe or Agile delivery frameworks
  • Security+ and CySA+ required

Preferred Qualifications

  • CISSP, CAP (CGRC), or CISM preferred
  • Prior CMS CCSQ, ISG, or QualityNet experience highly desirable
  • Experience with Splunk or other federal SIEM platforms
  • Familiarity with MITRE ATT&CK and threat-informed defense
  • AWS security knowledge or certification
  • Dice Id: 91137759
  • Position Id: 8948651