
NIH - Cybersecurity Compliance Analyst

Maryland, United States (Remote) | Full-time | 2h ago
cFocus Software seeks a Cybersecurity Compliance Analyst to join our program supporting the National Institutes of Health (NIH). This position is remote. This position requires a Public Trust clearance.
Qualifications:
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline.
  • 5–7 years of experience supporting cybersecurity compliance, risk management, or information security programs.
  • Familiarity with NIST Risk Management Framework (RMF).
  • Experience supporting NIST SP 800-53 security control implementation.
  • Experience preparing and maintaining RMF documentation including SSPs and POA&Ms.
  • Understanding of FISMA compliance requirements and federal cybersecurity policies.
  • Strong analytical and documentation skills.
Duties:
  • Support cybersecurity compliance activities across NCATS systems and infrastructure.
  • Assist with implementation and documentation of NIST SP 800-53 security and privacy controls.
  • Coordinate with system owners, developers, and infrastructure teams to ensure systems meet federal security requirements.
  • Maintain compliance documentation and assist with system authorization packages.
  • Provide training, support, and guidance to NCATS personnel on cybersecurity compliance requirements.
  • Assist developers, engineers, and project stakeholders in implementing NIST SP 800-53 Rev. 5 security controls.
  • Support security control mapping and tailoring activities based on FIPS-199 system categorizations.
  • Provide documentation support for RMF artifacts including System Security Plans (SSP), Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&M).
  • Assist with privacy control implementation and data protection requirements.
  • Participate in system design discussions and provide compliance recommendations.
  • Support security and privacy compliance for NCATS research programs and associated IT systems.
  • Assist with preparation of FIPS-199 documentation and system registration within NIH GRC repositories.
  • Conduct Privacy Impact Assessments (PIA) and Third-Party Web Application (TPWA) assessments.
  • Assist the NCATS ISSO and Privacy Coordinator with privacy incident response, policy implementation, and security data calls.
  • Maintain and update security and privacy documentation to ensure alignment with federal requirements.
  • Assist with system assessment readiness and authorization preparation activities.
  • Support development and maintenance of Authority to Operate (ATO) documentation.
  • Conduct pre-assessment reviews of security controls and compliance artifacts.
  • Assist with independent security assessments and remediation tracking.
  • Support development of system authorization artifacts including SSPs, contingency plans, configuration management plans, and incident response documentation.
  • Provide cybersecurity compliance support to NCATS system owners and users.
  • Assist with training programs related to security compliance and RMF processes.
  • Support vulnerability remediation tracking and audit preparation activities.
  • Provide end-user guidance on access control, monitoring requirements, and cybersecurity best practices.