FCC Security Compliance RMF Analyst

CFocus Softwareorporated

Job Location:

Washington, AR - USA

Monthly Salary: Not Disclosed

Posted on: 3 hours ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Security Compliance / RMF Analyst to join our program supporting the Federal Communications Commission (FCC). This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:

Bachelors degree in Cybersecurity Information Technology Computer Science or related field (or equivalent experience).
Experience in cybersecurity compliance RMF risk management or related environments.
Demonstrated experience supporting enterprise-level cybersecurity or compliance programs.
Experience working in complex IT environments with federal or regulated systems.
Strong knowledge of NIST RMF (SP 800-37) and NIST SP 800-53 controls.
Experience with A&A ATO processes and continuous monitoring.
Familiarity with GRC tools (e.g. Archer Xacta CSAM).
Experience with vulnerability management and risk prioritization.
Strong documentation and technical writing skills.
Analytical and problem-solving capabilities.
Ability to communicate effectively with technical and non-technical stakeholders
Required Certifications
- Role-appropriate cybersecurity certification demonstrating competency in compliance RMF or risk management.
- Examples include: Security CISA CISSP (or equivalent certifications aligned with role responsibilities).

Duties:

Support RMF lifecycle activities including system authorization reauthorization and continuous monitoring.
Develop maintain and update security documentation (SSPs SARs POA&Ms contingency plans).
Perform security control assessments (SCA) and control validation activities.
Track and manage POA&Ms vulnerabilities and remediation activities.
Conduct risk assessments gap analyses and compliance reviews.
Support FISMA NIST SP 800-53 and other federal compliance requirements.
Coordinate with system owners ISSOs engineers and auditors.
Support audit readiness and respond to internal/external audit requests.
Maintain RMF artifacts in GRC tools (e.g. Xacta Archer ServiceNow).
Assist with continuous monitoring reporting and compliance metrics development.

Required Experience:

Senior IC

Bachelors degree in Cybersecurity Information Technology Computer Science or related field (or equivalent experience).
Experience in cybersecurity compliance RMF risk management or related environments.
Demonstrated experience supporting enterprise-level cybersecurity or compliance programs.
Experience working in complex IT environments with federal or regulated systems.
Strong knowledge of NIST RMF (SP 800-37) and NIST SP 800-53 controls.
Experience with A&A ATO processes and continuous monitoring.
Familiarity with GRC tools (e.g. Archer Xacta CSAM).
Experience with vulnerability management and risk prioritization.
Strong documentation and technical writing skills.
Analytical and problem-solving capabilities.
Ability to communicate effectively with technical and non-technical stakeholders
Required Certifications
- Role-appropriate cybersecurity certification demonstrating competency in compliance RMF or risk management.
- Examples include: Security CISA CISSP (or equivalent certifications aligned with role responsibilities).

Duties:

Support RMF lifecycle activities including system authorization reauthorization and continuous monitoring.
Develop maintain and update security documentation (SSPs SARs POA&Ms contingency plans).
Perform security control assessments (SCA) and control validation activities.
Track and manage POA&Ms vulnerabilities and remediation activities.
Conduct risk assessments gap analyses and compliance reviews.
Support FISMA NIST SP 800-53 and other federal compliance requirements.
Coordinate with system owners ISSOs engineers and auditors.
Support audit readiness and respond to internal/external audit requests.
Maintain RMF artifacts in GRC tools (e.g. Xacta Archer ServiceNow).
Assist with continuous monitoring reporting and compliance metrics development.