Cybersecurity Risk Analyst Job in Independence

1893 IT & Software Developer jobs in the US

Company Size

1k-5k

Company Type

Services

Exp Level

Senior

Job Type

Full-Time

Language

English

Visa sponsorship

Requirements

Must:

- Bachelors degree in Cybersecurity, Information Technology, or a related field (or equivalent experience). - 2–5 years of experience in cybersecurity, risk management, or Assessment and Authorization (A&A) in a federal or regulated environment. - CompTIA Security+ certification. - Familiarity with the NIST Risk Management Framework (RMF) and related publications (e.g., SP 800-53, SP 800-37, FIPS 199). - Proven experience in developing or maintaining A&A documentation (e.g., SSPs, SARs, POA&Ms). - Understanding of External Services assessments and/or FedRAMP authorization concepts. - Demonstrated ability to contribute to or review a comprehensive Authorization to Operate (ATO) package (e.g., SSP, SAR, POA&M lifecycle). - Strong critical thinking, excellent writing, superior organizational skills, and effective planning and time management abilities. - Meticulous attention to detail. - Must fulfill pre-employment requirements of Cherokee Federal.

Technologies

Cloud

IaaS

Support

PaaS

Security

Responsibilities

- Draft, manage, enhance, and sustain Assessment and Authorization (A&A) documentation and processes (such as SSPs, SARs, POA&Ms, security inventories, PTAs, and PIAs), ensuring they are complete, accurate, and compliant with NIST Risk Management Framework (RMF) requirements and NSF standards. - Conduct control assessments by evaluating technical, procedural, and operational evidence; document findings, and assist in risk evaluations, POA&M management, and ongoing authorization processes. - Collaborate with system stakeholders, Information System Security Officers (ISSO), and engineers to collect evidence, confirm control implementations, and maintain authorization packages throughout the system lifecycle. - Carry out cybersecurity assessments and formulate a continuous monitoring strategy for cloud services in line with FedRAMP and federal regulations. - Assess External Services (e.g., SaaS, PaaS, IaaS) for integration within authorization limits by analyzing service documentation, evaluating controls, and documenting related risks and shared responsibility models; review FedRAMP authorization packages for relevance and to identify gaps. - Aid in continuous monitoring and Security-Focused Configuration Management by analyzing vulnerabilities and configuration data (e.g., scanning results), validating remediation measures, and identifying trends or systemic risks across systems. - Tailor DISA STIGs and CIS Benchmarks to develop and uphold standardized gold audit files for NSF systems; utilize Tenable Security Center to bolster the Security-Focused Configuration Management process. - Engage in broader risk management initiatives, including pinpointing cross-system risks, assisting with audit and compliance tasks (e.g., OIG), and integrating findings from evaluations, incidents, and external reviews into risk management and reporting. - Conduct peer reviews of A&A materials and related documents to ensure technical fidelity, consistency, and compliance with established standards; contribute to team outputs and foster coordination among Cybersecurity Oversight and Compliance activities. - Perform other job-related tasks as assigned.

Description

We at Cherokee Federal are actively looking for a Cybersecurity Risk Management Analyst to bolster our collaboration with the U.S. National Science Foundation. This position plays a pivotal role in Assessment and Authorization (A&A) and various risk management endeavors within a federal Governance, Risk, and Compliance (GRC) framework. As part of our Oversight and Compliance Team, the analyst will engage in system authorization activities, risk assessments, and ongoing compliance efforts, ensuring alignment with federal cybersecurity mandates. We offer a competitive salary ranging from $95,000 to $105,000, along with comprehensive benefits including medical, dental, vision, and 401K. Our organization fosters an inclusive environment where veterans and transitioning military personnel are especially encouraged to apply.

Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the USSecurity Engineer jobs in the USSecurity Engineer jobs Wichita, KS

You can find Cyber Security Engineer salaries in the United States here.

How many Cyber Security Engineer jobs are in the United States?

Currently, there are 1893 Security openings. Check also: IAM jobs, SAML jobs, Cisco jobs, Splunk jobs - all with salary brackets.

Is the US a good place for Cyber Security Engineers?

The US is one of the best countries to work as a Cyber Security Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for Cyber Security Engineer jobs in the United States?

micro1, Consultation Devpresso Inc, Savard Personnel Group, Tenet Advisors, LLC, Bedrock Technology, Net Engineers, Inc, Seakeeper, Inc. among others, are currently hiring for Security roles in the United States.

The company with most openings is Jobot as they are hiring for 138 different Cyber Security Engineer jobs in the United States. They are probably quite committed to find good Cyber Security Engineers.