Back to jobs
C

NIH - Cyber Program Analyst

RemotePosted 2 days ago
remote

Job Description

cFocus Software seeks a Cyber Program Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 2+ years supporting federal cybersecurity programs, RMF, governance, compliance, or ISSO activities.
  • Preferred certifications include Security+, CAP, CISSP, CISM, PMP, or equivalent.
  • Knowledge of NIST RMF, NIST SP 800-53 Rev.5, FISMA, FIPS, A&A, POA&M management, SSP development, cybersecurity reporting, risk management, executive communications, ServiceNow, Microsoft Office, and cybersecurity governance.

Duties:
  • Support day-to-day program management activities, schedules, milestones, action items, and project reporting.
  • Develop weekly, monthly, quarterly, and ad hoc cybersecurity reports, executive dashboards, risk profiles, and program metrics.
  • Coordinate Program Management Plans, Project Management Plans, Integrated Master Schedules, SOPs, and other contract deliverables.
  • Support Front Door security operations by tracking requests, maintaining documentation, and coordinating issue resolution.
  • Assist ISSOs and System Owners with Assessment and Authorization (A&A) activities throughout the RMF lifecycle.
  • Develop and maintain RMF documentation including SSPs, Security Assessment Plans, Security Assessment Reports, POA&Ms, and authorization packages.
  • Monitor NIST SP 800-53 Rev. 5 security control implementation and continuous monitoring activities.
  • Track Plans of Action & Milestones (POA&Ms), risk acceptance decisions, and remediation activities.
  • Support Risk Management Strategy updates, common control libraries, and Cybersecurity Supply Chain Risk Management (C-SCRM) activities.
  • Coordinate FISMA reporting, audit responses, corrective action plans, and cybersecurity compliance activities.
  • Provide cybersecurity guidance to stakeholders regarding security requirements, documentation, and compliance obligations.
  • Analyze cybersecurity metrics and identify trends, risks, and recommendations supporting executive decision making.
  • Maintain program documentation and ensure compliance with NIH, HHS, NIST RMF, and federal cybersecurity policies.
NIH - Cyber Program Analyst at cFocus Software Incorporated | Renata