Project Manager/ Information Security Analyst

Information Security Analyst

USCIS CMASS Program

Position Summary

We are seeking an experienced Information Security Analyst III to support the USCIS Information Security Division, Risk Management Branch in executing cybersecurity, continuous monitoring, compliance, internal control testing, automation, and risk management activities under CMASS. This role supports the delivery of agile security services designed to improve cybersecurity posture, strengthen compliance, enhance automation, and help USCIS manage risk across its enterprise systems and processes.

Key Responsibilities

• Support continuous process improvement by identifying opportunities to improve efficiency, standardize processes, and enhance knowledge management.
• Develop, update, and maintain SOPs, playbooks, and supporting documentation for the Risk Management Program.
• Support automation and focused development efforts, including maintenance and evolution of tools such as Splunk dashboards, RPA workflows, and related integrations.
• Help establish and maintain integration methods among automation tools and authoritative data sources.
• Develop alerts, notifications, and workflow support for continuous monitoring and internal control testing activities.
• Provide subject matter support for high-priority and time-sensitive tasks, including risk analyses, document reviews, remediation support, policy updates, and data calls.
• Monitor changes to NIST guidance, DHS policy, and FISMA metrics and help assess impacts to program compliance and reporting.
• Conduct system reviews and support ongoing visibility into the security posture of systems within the USCIS portfolio.
• Review and manage system security personnel lists, security authorization documentation, privacy documentation, and related compliance records.
• Review control selections and testing artifacts for security authorization packages.
• Support audit readiness and responses to internal and external audit requests.
• Assist with internal control assessments, risk assessments, POA&M support, cyber hygiene reporting, information security agreements, SharePoint/ECN workflow support, and FISMA inventory updates.
• Support development and delivery of ISSO onboarding, refresher, and specialized training materials.

Required Qualifications

• Bachelor’s degree.
• Five or more years of related information security, cybersecurity, or security operations experience.
• Strong working knowledge of security compliance, risk management, continuous monitoring, and internal control testing.
• Experience reviewing documentation, analyzing controls, supporting remediation, and maintaining security program records.
• Ability to work independently and collaboratively in a federal cybersecurity support environment.

Preferred Qualifications

• Active cybersecurity certification such as CISSP, CASP, GSEC, GSLC, CEH, CISM, or CISA.
• Experience supporting NIST 800-53 controls, FISMA, DHS policy compliance, POA&M processes, and enterprise cybersecurity reporting.
• Experience with Splunk, UI Path, Swimlane, SharePoint workflows, and related automation or reporting tools.
• Experience developing or supporting ISSO training content and delivery.

Work Location and Schedule

• Primary place of performance: USCIS Headquarters, Camp Springs, Maryland, with support across USCIS locations in the Washington, DC metropolitan area as needed.
• Normal hours of operation are 8:00 a.m. to 5:00 p.m., Monday through Friday, excluding Federal holidays.
  

Contingent Upon Contract Award
This position is contingent upon contract award and successful funding. Any offer of employment is dependent upon our company’s receipt of the award, completion of the hiring process, and satisfaction of all pre-employment requirements. If selected, candidates may be contacted in advance to support recruiting, qualification review, and preliminary onboarding activities associated with the opportunity.