FCC - Security Compliance / RMF Analyst
This position is posted by Jobgether on behalf of a partner company. We are currently looking for an FCC - Security Compliance / RMF Analyst in the United States.
This role offers an exciting opportunity to support critical cybersecurity and compliance initiatives within a complex federal environment. You will play a key role in managing Risk Management Framework (RMF) activities, maintaining security documentation, and supporting continuous monitoring efforts across enterprise systems. Working in a collaborative and highly regulated setting, you will partner with technical teams, auditors, and system stakeholders to strengthen security posture and ensure compliance with federal standards. The position is ideal for professionals who thrive in analytical, process-driven environments and enjoy balancing technical security expertise with strategic risk management. This is a fully remote opportunity with strong exposure to enterprise cybersecurity operations and governance frameworks.
Accountabilities:
- Support RMF lifecycle activities including authorization, reauthorization, continuous monitoring, and security compliance initiatives for federal systems.
- Develop, maintain, and update security documentation such as System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and contingency plans.
- Perform security control assessments, validation activities, risk assessments, gap analyses, and compliance reviews aligned with NIST and federal standards.
- Track vulnerabilities, remediation activities, and compliance metrics while maintaining RMF artifacts within GRC platforms such as Xacta, Archer, or ServiceNow.
- Collaborate with system owners, ISSOs, engineers, auditors, and other stakeholders to support audit readiness and resolve security findings efficiently.
- Assist with vulnerability management efforts, continuous monitoring reporting, and implementation of security best practices across enterprise environments.
Requirements:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent professional experience.
- Proven experience in cybersecurity compliance, RMF, risk management, or federal information security environments.
- Strong knowledge of NIST RMF (SP 800-37), NIST SP 800-53 controls, FISMA requirements, and A&A/ATO processes.
- Hands-on experience with GRC tools such as Archer, Xacta, CSAM, or similar compliance platforms.
- Familiarity with vulnerability management, security control assessments, and continuous monitoring processes.
- Strong analytical, technical writing, and problem-solving abilities with excellent communication skills for both technical and non-technical audiences.
- Relevant cybersecurity certification required, such as Security+, CISSP, CISA, or equivalent.
- Ability to obtain and maintain a Public Trust clearance.
Benefits:
- Fully remote work opportunity
- Exposure to enterprise-level federal cybersecurity and compliance programs
- Opportunity to work on high-impact government security initiatives
- Collaborative and mission-driven work environment
- Professional growth and development opportunities
- Experience with advanced cybersecurity governance and compliance frameworks
- Supportive team culture focused on innovation and operational excellence