OCT Consulting LLC

RMF Cybersecurity Analyst

RMF Cybersecurity Analyst supporting federal clients in executing Risk Management Framework compliance and security governance activities. Engaging with various stakeholders in a complex federal health statistics environment.

Posted 6/4/2026 • full-time • Hyattsville • Maryland • 🇺🇸 United States • Mid-Level • Senior • 💰 $90,000 - $110,000 per year

Tech Stack

Tools & technologies
  • Cloud
  • Cyber Security

About the role

Key responsibilities & impact
  • Assist the ISSO/SSPO in interfacing with federal staff, contractors, and business partners to execute information security aspects of the agency's CIPSEA obligations, IT modernization, and cloud migration efforts.
  • Support Security Assessment and Authorization (SA&A) activities including agency-hosted, contractor-hosted, cloud-hosted, and FedRAMP SA&As; assist with interpretation of regulations and policy guidance.
  • Develop, track, and update Plans of Action and Milestones (POA&Ms) for identified vulnerabilities and risks; report remediation status monthly.
  • Prepare and maintain System Security Plans (SSPs) in accordance with NIST SP 800-18 and NIST SP 800-53.
  • Conduct and document Risk Assessment Reports (RARs) consistent with NIST SP 800-30 and applicable agency policies.
  • Support FISMA reporting to the Department of Homeland Security and OMB; prepare gap reports of agency practices against evolving federal, HHS, and agency requirements.
  • Assist with Privacy Threshold Analyses (PTAs) and Privacy Impact Assessments (PIAs) in accordance with HHS policy and OMB M-03-22.
  • Prepare weekly project management/status reports and monthly RMF status reports for the COR and Program POC.
  • Develop and maintain reusable templates, standard operating procedures (SOPs), and process documentation (e.g., SSP templates, risk assessment templates, process flow diagrams).
  • Coordinate with agency Security, Business, and Technical Stewards; provide stakeholder advisory support and training as required.
  • Support EPLC security reviews, IT acquisition security reviews, and security governance coordination activities.
  • Assist in applying CIPSEA oversight in coordination with the agency Confidentiality Officer.
  • Maintain compliance with all agency security training requirements including annual Security Awareness Training (SAT) and role-based training (RBT).

Requirements

What you’ll need
  • Must be a U.S. Citizen.
  • Minimum of 3–5 years of experience in federal information security, RMF implementation, or cybersecurity compliance.
  • Demonstrated experience with NIST SP 800-37, 800-30, 800-53/53A, 800-60, and FIPS 199/200.
  • Experience supporting FISMA compliance and reporting activities for a federal civilian agency.
  • Experience developing, reviewing, and maintaining SA&A documentation artifacts (SSPs, RARs, POA&Ms, Contingency Plans).
  • Proficiency with Governance, Risk, and Compliance (GRC) platforms such as Archer or comparable tools.
  • Strong technical writing skills sufficient to independently produce clear, accurate, and professionally formatted security and compliance documentation.
  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field (or equivalent work experience).
  • Ability to obtain a Public Trust (Moderate Risk – Level 5 or higher) background investigation; an HSPD-12/PIV card will be required for facility and network access.

Benefits

Comp & perks
  • Medical, Dental, and Vision insurance
  • Retirement savings 401K plan provided by an industry-leading provider, with 3% employer contributions of the employee's gross salary
  • Paid Time Off and Standard Government Holidays
  • Life Insurance, Short- and Long-Term disability benefits
  • Training Benefits

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
  • NIST SP 800-18
  • NIST SP 800-30
  • NIST SP 800-37
  • NIST SP 800-53
  • FIPS 199
  • FIPS 200
  • FISMA compliance
  • Risk Management Framework (RMF)
  • Security Assessment and Authorization (SA&A)
  • Plans of Action and Milestones (POA&Ms)
Soft Skills
  • technical writing
  • stakeholder advisory support
  • training
  • project management
  • communication
Certifications
Public Trust (Moderate Risk – Level 5 or higher)