Salary
💰 $90,000 - $100,000 per year
Tech Stack
AWS, Azure, Cloud, Cyber Security, IoT, ServiceNow
About the role
- Support the FedRAMP authorization and reauthorization processes, including development, review, and maintenance of system security documentation (SSP, POA&M, SAP, SAR, etc.)
- Map and analyze security controls against FedRAMP Moderate/High baselines and NIST SP 800-53 controls
- Assist in implementing and monitoring security controls for FedRAMP-authorized systems
- Coordinate with internal teams (engineering, operations, DevSecOps) to ensure security requirements are integrated into system design and operation
- Maintain continuous monitoring documentation and support periodic assessments (e.g., annual assessments, penetration tests, vulnerability scans)
- Interface with Third Party Assessment Organizations (3PAOs), government customers, and internal stakeholders to support audits and assessments
- Track and manage Plan of Action and Milestones (POA&M) items to closure
- Provide compliance reporting, metrics, and risk analysis to management
- Stay up-to-date with changes in FedRAMP requirements, NIST guidance, and related compliance frameworks (e.g., FISMA, CMMC)
Requirements
- U.S. Citizenship (required for working in GovCloud environments)
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
- 2–3 years of experience in information security compliance or risk management, preferably in a FedRAMP or FISMA-regulated environment
- Strong knowledge of NIST SP 800-53, FedRAMP Moderate/High baselines, and the FedRAMP authorization process
- Experience with security documentation (SSP, POA&M, SAR, SAP, etc.) and governance tools
- Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and interpreting security findings
- Eligibility to obtain a security clearance is required
- Preferred: Experience working with or in a 3PAO or federal agency
- Preferred: FedRAMP or NIST security control implementation experience in AWS, Azure, or Google Cloud environments
- Preferred certifications: CISSP, CISA, CAP, CompTIA Security+
- Preferred: Experience with GRC platforms (e.g., RSA Archer, ServiceNow GRC, Xacta)
- Soft skills: Strong analytical and problem-solving skills; ability to work independently and manage multiple priorities; effective written and verbal communication; ability to collaborate across teams; self-motivated