Perform security control assessments (SCA) and control validation activities.
Track and manage POAMs, vulnerabilities, and remediation activities.
Job description
cFocus Software seeks a Security Compliance / RMF Analyst to join our program supporting the Federal Communications Commission (FCC). This position is remote. This position requires the ability a Public Trust clearance. Qualifications:
Bachelorβs degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
Experience in cybersecurity compliance, RMF, risk management, or related environments.
Demonstrated experience supporting enterprise-level cybersecurity or compliance programs.
Experience working in complex IT environments with federal or regulated systems.
Strong knowledge of NIST RMF (SP 800-37) and NIST SP 800-53 controls.
Experience with A&A, ATO processes, and continuous monitoring.
Familiarity with GRC tools (e.g., Archer, Xacta, CSAM).
Experience with vulnerability management and risk prioritization.
Strong documentation and technical writing skills.
Analytical and problem-solving capabilities.
Ability to communicate effectively with technical and non-technical stakeholders
Required Certifications
Role-appropriate cybersecurity certification demonstrating competency in compliance, RMF, or risk management.
Examples include: Security+, CISA, CISSP (or equivalent certifications aligned with role responsibilities).
Duties:
Support RMF lifecycle activities including system authorization, reauthorization, and continuous monitoring.
