Overview

Information Security Analyst (RMF/Compliance Analyst) Jobs in Hyattsville, MD at eTRANSERVICES

Title: Information Security Analyst (RMF/Compliance Analyst)

Company: eTRANSERVICES

Location: Hyattsville, MD

An Active Public Trust Clearance is required for these positions.

Summary

Risk Management Framework and Cloud Security Operations Support Service

Key Duties:

  • Assist in development, review, and maintenance of System Security Plans (SSPs) and SA&A supporting artifacts under the direction of LCAT-02
  • Develop, track, and update POA&M entries monthly; maintain 100% monthly update AQL across all assigned NCHS systems
  • Conduct policy analysis and develop Policy Analysis & Gap Assessment Reports comparing NCHS practices against evolving NIST, HHS, CDC, and OMB requirements
  • Support FISMA reporting activities and data calls submitted to DHS and OMB on behalf of the NCHS ISSO/SSPO
  • Develop and maintain Process Documentation, SOPs, templates, and process flow diagrams (e.g., SSP templates, Change Request SOPs, risk assessment templates)
  • Develop annual RMF/security Training Materials and Delivery Plans for NCHS staff and stakeholders (due first week of November)
  • Conduct ISSO Intranet Content Review and produce the associated report with accuracy confirmation and update recommendations (due first week of February)
  • Perform security control reviews and gap analyses; support weakness remediation tracking and documentation
  • Contribute to weekly Project Management/Status Reports and Monthly RMF Status Reports

Qualifications:

  • 3–6 years of federal information security, RMF, or IT compliance experience
  • Solid working knowledge of NIST SP 800-37, 800-53, 800-30, 800-18, FIPS 199/200, OMB A-130, and FISMA compliance requirements
  • Experience with federal SA&A artifact development and proficiency with GRC platforms (RSA Archer or comparable)
  • Demonstrated ability to independently draft clear, technically accurate federal security and compliance documentation
  • Experience supporting RMF/security training material development and stakeholder briefings in a federal environment
  • Familiarity with HHS/CDC EPLC security review requirements and federal IT compliance frameworks
  • Strong attention to detail; ability to manage multiple concurrent deliverables against fixed deadlines

Certifications

  • CompTIA Security+ — required at minimum
  • Certified Authorization Professional (CAP / ISC²) — preferred
  • CISSP — highly encouraged; pursuit actively supported
  • Equivalent DoD 8570/8140 IAT Level II or higher certification accepted