Cherokee Federal

Cybersecurity Risk Management Analyst

Cybersecurity Risk Management Analyst at Cherokee Federal, supporting federal cybersecurity requirements. The role collaborates with teams on system authorization and ongoing compliance in federal Governance, Risk, and Compliance.

Posted 4/28/2026 • full-time • Remote • 🇺🇸 United States • Junior, Mid-Level • 💰 $95,000 - $105,000 per year

Tech Stack

Tools & technologies
  • Cloud
  • Cyber Security

About the role

Key responsibilities & impact
  • Create, manage, maintain, and improve NSF A&A documentation and processes (e.g., SSPs, SARs, POA&Ms, security inventories, PTAs, PIAs, and internal reports to management), ensuring completeness, accuracy, and alignment with NIST RMF (SP 800-37, SP 800-53 Rev. 5) and NSF standards
  • Perform control assessments by analyzing technical, procedural, and operational evidence; document results and support risk determinations, POA&M management, and ongoing authorization activities
  • Collaborate with system owners, ISSOs, and engineers to gather artifacts, validate control implementations, and maintain authorization packages across the system lifecycle
  • Conduct cybersecurity assessments and develop a continuous monitoring plan for cloud services in compliance with FedRAMP and other federal requirements
  • Evaluate External Services (e.g., SaaS, PaaS, IaaS) for inclusion within authorization boundaries by reviewing service documentation, analyzing controls, and documenting risks, dependencies, and shared responsibility models; review authorization packages from FedRAMP to assess applicability and identify gaps
  • Support continuous monitoring and SecCM activities by analyzing vulnerability and configuration data (e.g., scan results), validating remediation actions, and identifying trends or systemic risks across systems
  • Customize DISA STIGs and CIS Benchmarks to create and maintain standardized “gold” audit files for systems in use at NSF; leverage Tenable Security Center to support the Security-Focused Configuration Management process
  • Contribute to broader risk management efforts, including identifying cross-system or program-level risks, supporting audit and compliance activities (e.g., OIG), and incorporating findings from assessments, incidents, and external reviews into risk posture and reporting
  • Perform peer reviews of A&A artifacts and related documentation to ensure technical accuracy, consistency, and adherence to established standards; contribute to team deliverables and coordination across Cybersecurity Oversight and Compliance functions
  • Perform other job-related duties as assigned

Requirements

What you’ll need
  • Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
  • 2–5 years of experience in cybersecurity, risk management, or A&A within a federal or regulated environment
  • CompTIA Security+ certification
  • Working knowledge of the NIST Risk Management Framework (RMF) and associated publications (e.g., SP 800-53, SP 800-37, FIPS 199)
  • Experience developing or maintaining A&A documentation (e.g., SSPs, SARs, POA&Ms)
  • Familiarity with External Services assessments and/or FedRAMP authorization concepts
  • Demonstrated experience contributing to or reviewing at least one complete ATO package (e.g., SSP, SAR, POA&M lifecycle)
  • Proven track record of logical and critical thinking, sophisticated writing skills, superior organizational skills, and excellent planning and time management skills
  • Strong attention to detail
  • Must pass pre-employment qualifications of Cherokee Federal

Benefits

Comp & perks
  • Medical
  • Dental
  • Vision
  • 401K
  • Other possible benefits as provided
  • Benefits are subject to change with or without notice

ATS Keywords

Applicant Tracking System Keywords

Hard Skills & Tools
cybersecurity, risk management, A&A documentation, control assessments, continuous monitoring, vulnerability analysis, configuration management, external services assessment, NIST RMF, FedRAMP
Soft Skills
logical thinking, critical thinking, writing skills, organizational skills, planning skills, time management, attention to detail
Certifications
CompTIA Security+