SonicJobs Logo
Left arrow iconBack to search
  1. Home
  2. 20544, Washington, DC
  3. Cybersecurity Analyst

Cybersecurity Analyst

Improvix Technologies
Posted 19 days ago, valid for 19 days
Location

Washington, DC 20544, US

Salary

$100,000 - $200,000 per year

Contract type

Full Time

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Sonic Summary

info
  • The position is for a Cybersecurity Analyst located in Washington, DC, requiring an active Secret clearance and offering a full-time role.
  • Candidates should have at least 5 years of experience in cybersecurity compliance, specifically with ATO and RMF support, although strong candidates with slightly less experience may be considered.
  • The role involves leading Authorization to Operate (ATO) efforts, developing documentation, and engaging with stakeholders while maintaining a focus on cloud compliance with Azure and AWS.
  • Preferred qualifications include familiarity with FedRAMP, experience with tools like Archangel, and exposure to SIEM tools such as Splunk, along with relevant certifications like CISSP or Security+.
  • The ideal candidate should be self-sufficient, proactive, and able to communicate effectively with both technical and executive stakeholders, all while managing multiple concurrent ATO efforts.

Cybersecurity Analyst

Location: Washington, DC (Onsite – 5 Days/Week)
Clearance: Active Secret required (Top Secret eligible)
Type: Full-Time

About the Role

We are seeking a Cybersecurity Analyst with strong experience in ATO and RMF compliance to support a high-volume federal cybersecurity program.

This role is heavily focused on leading Authorization to Operate (ATO) efforts from start to finish—owning documentation, coordinating stakeholders, and guiding systems through assessment and authorization with minimal to no hand-holding.

The ideal candidate combines deep compliance expertise with enough technical understanding of cloud and infrastructure (Azure/AWS) to confidently engage engineers, assessors, and senior leadership.

Key Responsibilities

ATO Ownership (End-to-End)

  • Lead systems through the full ATO lifecycle using NIST Risk Management Framework
  • Independently manage ATO packages from initiation through authorization
  • Develop and maintain:
    • System Security Plans (SSPs)
    • Security Assessment Reports (SARs)
    • Plans of Action & Milestones (POA&Ms)
  • Write detailed control implementation statements aligned to NIST SP 800-53 Rev. 5
  • Prepare for and support assessment boards and authorization reviews

NIST Rev. 5 & Control Implementation

  • Apply and interpret NIST 800-53 Rev. 5 controls and baselines
  • Support migration of systems from older control baselines to Rev. 5
  • Collect, validate, and organize artifacts required for control implementation
  • Justify control implementations to assessors and review boards

Cloud Compliance (Azure & AWS)

  • Support ATO efforts for systems deployed in:
    • Microsoft Azure
    • Amazon Web Services (AWS)
  • Understand cloud architecture, services, and data flows well enough to:
    • Document systems accurately
    • Translate technical configurations into compliance language
  • Partner with engineers to align cloud implementations with compliance requirements
    (Note: This is not a hands-on engineering role, but requires strong technical fluency.)

Stakeholder Engagement

  • Interface directly with:
    • System Engineers & Architects
    • ISSOs / Security Teams
    • Authorizing Officials (AOs)
    • Senior leadership (CIO-level stakeholders)
  • Clearly communicate requirements, gaps, and remediation actions
  • Lead discussions during assessments and audits

Audit, Risk & Continuous Monitoring

  • Support audits, data calls, and compliance reviews
  • Identify risks, gaps, and remediation actions
  • Track and manage POA&Ms to closure
  • Contribute to continuous monitoring (ConMon) activities
  • Support related efforts such as privacy compliance when needed

Tools & Environment

  • Primary GRC Tool: Archangel (preferred)
  • Familiarity with tools such as eMASS or Xacta (legacy experience acceptable)
  • Exposure to SIEM tools such as Splunk is a plus

Required Qualifications

  • 5+ years of experience in cybersecurity compliance / RMF / ATO support
    (Strong candidates with slightly less experience may be considered)
  • Proven ability to lead ATOs independently from start to finish
  • Hands-on experience with:
    • NIST Risk Management Framework
    • NIST SP 800-53 Rev. 5
  • Experience writing implementation statements and ATO documentation
  • Strong understanding of cloud environments (Azure and/or AWS)
  • Ability to communicate effectively with both technical and executive stakeholders
  • Experience working in federal or government environments

Preferred Qualifications

  • Experience with FedRAMP, CIS benchmarks, or similar frameworks
  • Familiarity with Archangel
  • Exposure to SIEM tools (e.g., Splunk)
  • Experience supporting high-volume ATO pipelines / multiple concurrent systems

Certifications (Preferred, Not Required)

  • CISSP (highly desirable)

  • CAP

  • CISM
  • Security+ (baseline)

What Success Looks Like

  • Independently drives multiple systems through ATO with minimal oversight
  • Produces high-quality, audit-ready documentation
  • Confidently defends control implementations to assessors
  • Effectively bridges communication between engineers and compliance stakeholders
  • Keeps pace with high workload and multiple concurrent ATO efforts

Ideal Candidate Profile

  • Self-sufficient (“no hand-holding”) and proactive
  • Strong communicator who can engage senior stakeholders
  • Comfortable shifting between ATO work, audits, data calls, and privacy tasks

  • Technically fluent in cloud environments without being a hands-on engineer



Learn more about this Employer on their Career Site

Apply now in a few quick clicks

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2026 SonicJobs Inc. All rights reserved

Terms & Conditions | Privacy Policy | Browse Jobs