Cybersecurity Compliance Analyst
ComplianceComplianceFull TimeRemoteMid Level
Location
United States
Posted
3 days ago
Salary
Not specified
Seniority
Mid Level
NIST SP 800-53Risk Management FrameworkFISMASecurity Control ImplementationCompliance DocumentationSystem AuthorizationPrivacy ControlsVulnerability ManagementAuditingFederal Cybersecurity Policies
Job Description
Role Description
cFocus Software seeks a Cybersecurity Compliance Analyst to join our program supporting the National Institutes of Health (NIH). This position is remote and requires a Public Trust clearance.
- Support cybersecurity compliance activities across NCATS systems and infrastructure.
- Assist with implementation and documentation of NIST SP 800-53 security and privacy controls.
- Coordinate with system owners, developers, and infrastructure teams to ensure systems meet federal security requirements.
- Maintain compliance documentation and assist with system authorization packages.
- Provide training, support, and guidance to NCATS personnel on cybersecurity compliance requirements.
- Assist developers, engineers, and project stakeholders in implementing NIST SP 800-53 Rev.5 security controls.
- Support security control mapping and tailoring activities based on FIPS-199 system categorizations.
- Provide documentation support for RMF artifacts including System Security Plans (SSP), Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&M).
- Assist with privacy control implementation and data protection requirements.
- Participate in system design discussions and provide compliance recommendations.
- Support security and privacy compliance for NCATS research programs and associated IT systems.
- Assist with preparation of FIPS-199 documentation and system registration within NIH GRC repositories.
- Conduct Privacy Impact Assessments (PIA) and Third-Party Web Application (TPWA) assessments.
- Assist the NCATS ISSO and Privacy Coordinator with privacy incident response, policy implementation, and security data calls.
- Maintain and update security and privacy documentation to ensure alignment with federal requirements.
- Assist with system assessment readiness and authorization preparation activities.
- Support development and maintenance of Authority to Operate (ATO) documentation.
- Conduct pre-assessment reviews of security controls and compliance artifacts.
- Assist with independent security assessments and remediation tracking.
- Support development of system authorization artifacts including SSPs, contingency plans, configuration management plans, and incident response documentation.
- Provide cybersecurity compliance support to NCATS system owners and users.
- Assist with training programs related to security compliance and RMF processes.
- Support vulnerability remediation tracking and audit preparation activities.
- Provide end-user guidance on access control, monitoring requirements, and cybersecurity best practices.
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline.
- 5–7 years of experience supporting cybersecurity compliance, risk management, or information security programs.
- Familiarity with NIST Risk Management Framework (RMF).
- Experience supporting NIST SP 800-53 security control implementation.
- Experience preparing and maintaining RMF documentation including SSPs and POA&Ms.
- Understanding of FISMA compliance requirements and federal cybersecurity policies.
- Strong analytical and documentation skills.
Job Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline.
- 5–7 years of experience supporting cybersecurity compliance, risk management, or information security programs.
- Familiarity with NIST Risk Management Framework (RMF).
- Experience supporting NIST SP 800-53 security control implementation.
- Experience preparing and maintaining RMF documentation including SSPs and POA&Ms.
- Understanding of FISMA compliance requirements and federal cybersecurity policies.
- Strong analytical and documentation skills.
Related Guides
Related Categories
Related Job Pages
More Compliance Jobs
Compliance3 days ago
Full TimeRemoteTeam 1,001-5,000Since 2015H1B Sponsor
Lead US regulatory compliance for Airwallex: manage state MTL licensing, regulatory engagement, filings, examinations, and training. Advise on product and process compliance, develop policies and monitoring, and support regulatory change and remediation to enable growth.
NmlsRegtech
Compliance3 days ago
Full TimeRemoteTeam 1,001-5,000Since 2015H1B Sponsor
Lead US regulatory engagement and state licensing (MTL) efforts, manage filings, renewals and examinations, advise on regulatory changes and product compliance, develop policies and monitoring programs, deliver compliance training, and collaborate cross-functionally to operationalize controls and mitigate compliance risk.
NmlsRegtech
Compliance3 days ago
Full TimeRemoteTeam 10,001+Since 1939H1B No Sponsor
Regulatory Compliance Manager leading cost accounting for Northrop Grumman
ERP
Compliance4 days ago
Full TimeRemoteTeam 10,001+Since 1969H1B Sponsor
Corporate Compliance Officer managing compliance for Labcorp's North Central division
Illinois + 7 moreAll locations: Illinois, Kentucky, Ohio, Michigan, Pennsylvania, Virginia, West Virginia, Wisconsin
$105K - $125K / year
