SonicJobs Logo
Left arrow iconBack to search

NIH - Cyber Program Analyst

cFocus Software Incorporated
Posted 4 days ago, valid for a month
Location

Bethesda, MD 20824, US

Salary

Competitive

Contract type

Full Time

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

cFocus Software seeks a Cyber Program Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 2+ years supporting federal cybersecurity programs, RMF, governance, compliance, or ISSO activities.
  • Preferred certifications include Security+, CAP, CISSP, CISM, PMP, or equivalent.
  • Knowledge of NIST RMF, NIST SP 800-53 Rev.5, FISMA, FIPS, A&A, POA&M management, SSP development, cybersecurity reporting, risk management, executive communications, ServiceNow, Microsoft Office, and cybersecurity governance.

Duties:
  • Support day-to-day program management activities, schedules, milestones, action items, and project reporting.
  • Develop weekly, monthly, quarterly, and ad hoc cybersecurity reports, executive dashboards, risk profiles, and program metrics.
  • Coordinate Program Management Plans, Project Management Plans, Integrated Master Schedules, SOPs, and other contract deliverables.
  • Support Front Door security operations by tracking requests, maintaining documentation, and coordinating issue resolution.
  • Assist ISSOs and System Owners with Assessment and Authorization (A&A) activities throughout the RMF lifecycle.
  • Develop and maintain RMF documentation including SSPs, Security Assessment Plans, Security Assessment Reports, POA&Ms, and authorization packages.
  • Monitor NIST SP 800-53 Rev. 5 security control implementation and continuous monitoring activities.
  • Track Plans of Action & Milestones (POA&Ms), risk acceptance decisions, and remediation activities.
  • Support Risk Management Strategy updates, common control libraries, and Cybersecurity Supply Chain Risk Management (C-SCRM) activities.
  • Coordinate FISMA reporting, audit responses, corrective action plans, and cybersecurity compliance activities.
  • Provide cybersecurity guidance to stakeholders regarding security requirements, documentation, and compliance obligations.
  • Analyze cybersecurity metrics and identify trends, risks, and recommendations supporting executive decision making.
  • Maintain program documentation and ensure compliance with NIH, HHS, NIST RMF, and federal cybersecurity policies.



Learn more about this Employer on their Career Site

Apply now in a few quick clicks

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.