Information Security Analyst

Rockville, MD, US • Posted 3 hours ago • Updated 3 hours ago

Contract Independent

Contract Corp To Corp

Contract W2

Travel Required

On-site

Depends on Experience

Fitment

Dice Job Match Score™

✨ Finding the perfect fit...

Job Details

Skills

GRC
Risk
compliance
FedRAMP FISMA NIST frameworks (especially 800-53)

Summary

Information Security Analyst

Rockville, MD / Tyson, VA Hybrid 3 days onsite

12+ Months Contract

CISSP + FedRAMP (big big plus)
This is a GRC (Governance, Risk, Compliance) Security Consultant role focused on:

FedRAMP / FISMA compliance
Translating NIST SP 800-53 controls into real systems
Building and maintaining ATO (Authority to Operate) packages
Acting as a client-facing advisor (not just technical—this is consultative)

Think: “bridge between cybersecurity, compliance, and business stakeholders”

Ideal Candidate Profile (What actually works in the market)
Core Background

3–5 years in:
- Cybersecurity (GRC, Risk, Compliance)
- Or Federal consulting (Deloitte, Booz, Guidehouse, etc.)
Experience with:
- FedRAMP
- FISMA
- NIST frameworks (especially 800-53)

Must-Have Skill Set

Writing System Security Plans (SSPs) end-to-end
Understanding RMF (Risk Management Framework) via NIST SP 800-37
Experience supporting or maintaining ATO lifecycle
Reviewing vulnerability scans (Qualys, Burp, etc.)
Strong client-facing communication

Certifications (what actually closes candidates)
Best combos:

Security+ (baseline)
- CAP or CISSP (huge boost)
- AWS (if cloud/FedRAMP-heavy client)

? If they have CISSP + FedRAMP = premium candidate ($$$)

? What They’ll Actually Do Day-to-Day
This helps you screen fast:

Write/edit SSPs, IR Plans, Contingency Plans
Map system controls ? NIST 800-53 controls
Sit in calls with clients extracting system info
Review scan results + flag risks
Help prepare for audits / ATO renewals
Keep documentation updated (this is BIG)

60% documentation + 25% client interaction + 15% technical review

What to Watch Out For (Common Mismatches)
Avoid candidates who:

Are purely SOC / blue team (they won’t like documentation-heavy work)
Only did penetration testing with no compliance exposure
Don’t understand ATO lifecycle
Have zero federal exposure

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10117326
Position Id: 31364-26195-
Posted 3 hours ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Information security analyst (A&A)

Hybrid in Rockville, Maryland

•

Today

Title: Information security analyst (A&A) Location: Rockville, MD (Hybrid 23 Days Onsite) Employment Type:Full-Time / ContractExperience: 10+years MustSkysoft Inc is seeking an information security analyst who will be a key member of a consulting team providing advice, support, and reporting to federal agency, in Assessment and Authorization for Information Systems. This role will be primarily responsible for interfacing and reporting to federal government personnel responsible for Information

Easy Apply

Contract

80 - 85

Information Security Analyst Specialist

Tysons, Virginia

•

13d ago

Job Description - Position Overview: Are you ready to lead the charge in cybersecurity? We're on the hunt for a dynamic Cybersecurity Engineering Lead to spearhead our cutting-edge security initiatives. If you have a passion for engineering, automation, and operational management of privileged access, credential management technologies, and endpoint security technologies, this is the role for you! You'll be at the forefront of our cybersecurity efforts, participating in a monthly on-ca

Easy Apply

Third Party, Contract

Depends on Experience

Information Security Analyst 4 - Contingent

Woodbridge Township, New Jersey

•

Today

Position: Information Security Analyst 4 Location: Iselin, New Jersey Duration: Contract (12-24 months) Pay rate: 80-85$/hr Job ID: 174099 Job Description: In this contingent resource assignment, candidate may: Consult on complex initiatives with broad impact and large-scale planning for Information Security Analysis. Review and analyze complex multi-faceted, larger scale or longer-term Information Security Analysis challenges that require in-depth evaluation of multiple factors including

Easy Apply

Full-time

USD 80.00 - 85.00 per hour

Information Security Analyst

New York, New York

•

Today

Company Description Job Description CANDIDATES MUST BE PERMANENT IN THE CYBER SECURITY ANALYST CIVIL SERVICE TITLE OR HAVE A COMPARABLE CIVIL SERVICE TITLE TO APPLY The Information Security Analyst supports day-to-day security operations by monitoring alerts, investigating potential threats, and helping protect systems, networks, and data. This role will support many functions of the Information Security Program which include, access provisioning, log analysis for fraud mitigation, security a

Full-time

Search all similar jobs