What You'll Do:

  • Lead the end-to-end Certification & Authorization (C&A) process for information systems, including initial assessment, remediation, documentation, and ongoing monitoring.
  • Maintain and update System Security Plans (SSPs), POA&Ms, and other FedRAMP/GovRAMP/NIST documentation artifacts.
  • Oversee control gap analysis and drive remediation efforts across technical and administrative domains.

About You:

  • Deep understanding of NIST SP 800-53 Rev 5, FedRAMP/GovRAMP Moderate/High baselines, CSF 2.0, and RMF 2.0 (Risk Management Framework).
  • Experience with System Security Plans (SSPs) and POA&M management.
  • Familiarity with cloud security architectures and FedRAMP-authorized cloud service providers (AWS, Azure).

Required Skills:

  • Hands-on experience with tools such as Tenable/Nessus (vulnerability scanning); XSIAM/Cortex, Sentinel 1, or other SIEM platforms; STIG Viewer, SCAP tools, and FedRAMP templates; and ServiceNow or similar ticketing/change management systems.
  • Minimum 5–7 years of experience in cybersecurity governance, risk, and compliance roles.
  • Strong project management and organizational skills; able to manage multiple concurrent initiatives.

EBSCO Information Services

EBSCO Information Services (EBSCO) delivers a fully optimized research experience, seamlessly integrated with a powerful discovery platform to support the information needs of our end-users. Headquartered in Ipswich, MA, EBSCO employs more than 2,700 people worldwide, with most embracing hybrid or remote work models.
