Position Summary:
We are seeking an experienced Security Analyst / Information Systems Security Officer (ISSO) to ensure the security and compliance of CMS systems. The ideal candidate will have a strong background in IT security, risk management, and federal compliance frameworks. This role involves performing risk assessments, managing security documentation, supporting ATO processes, and collaborating with technical teams to maintain a secure environment.

Key Responsibilities:

• Ensure CMS systems meet all security compliance requirements, including RMF, FISMA, CMS ARS, and NIST 800-53.

• Manage risk assessments, security documentation, and audits.

• Oversee vulnerability management, including scanning, analysis, and mitigation of findings.

• Monitor logs, analyze security incidents, and report findings to leadership.

• Collaborate with technical and development teams to implement security controls and resolve compliance gaps.

• Support ATO (Authorization to Operate) packages and processes.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Systems, or a related field.

• CISSP certification (required).

• 7+ years of IT security experience.

• Strong knowledge of RMF, FISMA, CMS ARS, and NIST 800-53 frameworks.

• Experience with vulnerability management, incident response, and ATO support.

Preferred Qualifications:

• Security+ or CEH certification.

• Experience in federal or CMS environments.

Skills & Competencies:

• Excellent analytical and problem-solving skills.

• Strong written and verbal communication skills for documentation and reporting.

• Ability to work independently in a remote environment.

• Detail-oriented with a focus on compliance and risk mitigation.

Employment Type: Full-Time
Work Location: Remote